[Shorewall-users] Blacklist

Tom Eastep teastep@shorewall.net
Mon, 7 Jan 2002 13:53:35 -0800


On Monday 07 January 2002 01:39 pm, Pieter Ennes wrote:
> On Mon, 7 Jan 2002, Tom Eastep wrote:
> > As it turns out, I don't think that it is necessary for Shorewall to have
> > explicit blacklist support since it can be implemented nicely already.
>
> I agree.
>
> > In /etc/shorewall/hosts:
> >
> > bl      eth0:ip1,ip2,...
>
> This doesn't work in my setup (1.2.0), eth0:ip1,eth0:ip2,... does
> however...
>
> >     BLACKLIST=`cat /etc/shorewall/blacklist`
> >     BLACKLIST=`echo $BLACKLIST | sed 's/ /,/g'`
>
> Ah, this is great, just what I needed!
>

Good -- if you still just want to list the IP addresses in your blacklist
file, something like this should work:

    BLACKLIST=`cat /etc/shorewall/blacklist`
    BLACKLIST=`echo "eth0:$BLACKLIST" | sed 's/ /,eth0:/g'`

-Tom
-- 
Tom Eastep    \ A Firewall for Linux 2.4.*
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net
-------------------------------------------
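
An added example, not part of the original message and not Shorewall's own code: a POSIX shell version of the same idea that builds the `eth0:ip1,eth0:ip2,...` form reported to work above, accepts one address per line or several per line, and refuses to emit anything if an entry is not a plain IPv4 address or CIDR block. The function names, the `#` comment syntax in the blacklist file and the sample addresses are assumptions.

```shell
#!/bin/sh
# is_ipv4_or_cidr ADDR: succeed only for a dotted quad with an optional /0-32.
is_ipv4_or_cidr() {
    addr=${1%/*}
    case $1 in
        */*) mask=${1#*/}
             case $mask in ''|*[!0-9]*) return 1 ;; esac
             [ "$mask" -le 32 ] || return 1 ;;
    esac
    # Only digits and dots, no empty octets.
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                 # split the address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# blacklist_hosts IFACE FILE: print "IFACE:ip1,IFACE:ip2,..." for the hosts file.
# Runs in a subshell so that 'set -f' and the variables stay local.
blacklist_hosts() (
    iface=$1 file=$2 out=
    [ -r "$file" ] || { echo "cannot read $file" >&2; exit 2; }
    set -f                       # entries must never be glob-expanded
    # Drop comments; word splitting then handles spaces, tabs and newlines.
    for entry in $(sed 's/#.*//' "$file"); do
        # Stop at the first malformed entry so it never reaches the hosts file.
        is_ipv4_or_cidr "$entry" || { echo "bad entry: $entry" >&2; exit 1; }
        out=${out:+$out,}$iface:$entry
    done
    printf '%s\n' "$out"
)

# Constructed sample blacklist (documentation-range addresses).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# one entry per line or several per line both work
192.0.2.10
198.51.100.7 203.0.113.0/24   # trailing comment
EOF
blacklist_hosts eth0 "$sample"
rm -f "$sample"
```

Validating each entry matters here because the result is pasted into a firewall configuration file; a stray word or shell metacharacter in the blacklist file would otherwise end up in the hosts entry.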