How to Block an IP Address Using Firestarter


10 Feb 2009

Firestarter is a GNOME program that provides a GUI for the iptables firewall.

If Firestarter is configured to allow all IP addresses to reach every port, or a particular port, on your server, the GUI gives you no way to block one specific IP from those ports. Firestarter does, however, let you supply your own iptables rules that load either BEFORE or AFTER its own firewall rules, by editing configuration files. On CentOS 5, rules that should load before Firestarter’s rules go in /etc/firestarter/user-pre, and rules that should load after Firestarter’s rules go in /etc/firestarter/user-post. In these files, write the variable name “$IPT” in place of the command “iptables”. To block an IP address from accessing any of your ports, add the iptables rule to the user-post file.

For example, say you want to block the IP address 123.11.112.1 from accessing your server on any port. The normal iptables rule for this is:

iptables -I INPUT -s 123.11.112.1 -j DROP

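To make this rule work with Firestarter, add the following line to the /etc/firestarter/user-post file. Because -I inserts at the top of the INPUT chain, a rule loaded after Firestarter’s own rules is evaluated ahead of them: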

$IPT -I INPUT -s 123.11.112.1 -j DROP

After you edit the user-pre or user-post files, you have to restart the Firestarter service for the changes to take effect. On CentOS 5 you can run the following terminal command to restart the Firestarter service:

service firestarter restart
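
If you block addresses regularly, the edit to user-post can be scripted. The following is an added example, not part of the original post: the function names valid_ipv4 and block_ip are hypothetical, and it assumes user-post is read by a shell script (which the $IPT variable implies), so the address is validated before anything is written to the file.

```shell
#!/bin/sh
# Added example: idempotently add a DROP rule for one IPv4 address to a
# Firestarter user-post style file. Function names are hypothetical.

# Return 0 only for a dotted-quad IPv4 address with each octet in 0..255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|''|.*|*.|*..*) return 1 ;;   # only digits and single dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split on dots (no glob chars left)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac  # reject ambiguous leading zeros
        [ "${#octet}" -le 3 ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
}

# Append the rule to FILE unless the identical line is already present.
# Returns 0 if added, 1 if already present, 2 if the address is invalid.
block_ip() {
    file=$1 ip=$2
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 2; }
    rule="\$IPT -I INPUT -s $ip -j DROP"        # literal $IPT, as the file expects
    if [ -f "$file" ] && grep -qxF -- "$rule" "$file"; then
        return 1
    fi
    printf '%s\n' "$rule" >> "$file"
}

# Demo on a constructed temporary file, not the live user-post file.
demo_file=$(mktemp)
block_ip "$demo_file" 123.11.112.1
block_ip "$demo_file" 123.11.112.1 || echo "already blocked, file unchanged"
block_ip "$demo_file" '1.2.3.4; echo injected' || echo "rejected"
cat "$demo_file"
rm -f "$demo_file"
```

To use it for real, call block_ip with /etc/firestarter/user-post as root, then restart the Firestarter service as shown above.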
