[Shorewall-users] best method to block bad boy IP's ?

Scott Duncan sduncan@cytechconsult.com
Mon, 7 Jan 2002 11:31:31 -0800


I have an IP that I picked up scanning my firewall for port 22 and I want to
block all traffic from this IP. Is it best to do this by rules like the
following or is there a better way:

REJECT    net:65.66.80.53        fw         tcp          -
REJECT    net:65.66.80.53       dmz       tcp          -
REJECT    net:65.66.80.53       dmz        udp        -

(policy blocks all net -> loc)

Thanks!

Scott