yonas abraham wrote: > hi, > > I want to block a given IP from accessing my site, which is running > apache on a fully uptodated FC3 machine. > > I taught I would just put the ip on /etc/hosts.deny and restart the > machine. But It is not working. I can block an access to sshd very > simply by adding the IP or sshd: IP and it works fine. > > I wouldn't mind blocking every service to that IP in my machine but > preferably only httpd block. iptables -I INPUT -p tcp --dport 80 -s 123.123.123.123 -j DROP service iptables save will do what you need. Leave out the --dport 80 to make the guy coming from 123.123.123.123 unable to touch your box at all in tcp. -Andy
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
