[Shorewall-users] Blacklist

Jim Hubbard jimh@dyersinc.com
Wed, 9 Jan 2002 10:09:27 -0500


Thanks for what seems to be a very good firewall.  I installed it last night
on my home router system, and even though I haven't really tweaked it yet,
every 'net based port scan I threw at, it like those at
http://scan.sygatetech.com/ and https://grc.com/x/ne.dll?bh0bkyd2, couldn't
even tell I was there (and this was with me initiating the scans from a
masq'd host behind the firewall).

A feature I'd like to see would be a command that would immediately add or
remove an ip or hostname to the blacklist and refresh the firewall.  Maybe
something like "shorewall blacklist 12.34.56.78 on" to add and "shorewall
blacklist 12.34.56.78 off" to remove.  Just an idea.

Thanks,
Jim Hubbard