Shorewall

From Indie IT Wiki

Shoreline Firewall (Shorewall) Tips

To list the connections from an IP address:

conntrack -L -s 192.168.0.103

To drop all the connections from an IP address:

conntrack -D -s 192.168.1.102

It can take up to 1 minute to drop all of them, so be patient. You can then restart Shorewall and be certain that any NEW connections (not ESTABLISHED ones) will be accounted for.
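
The list, drop and wait steps above as one script. This is an added example, not part of the original wiki page. It goes slightly beyond the text by validating the address first and polling until the entries are gone. The function names and the CONNTRACK variable are assumptions made for this sketch; it needs root and conntrack-tools.

```shell
#!/bin/sh
# Added example (not from the wiki): clear conntrack state for one source IP
# and wait for the table to empty. Function names and CONNTRACK are
# assumptions made for this sketch. Needs root and conntrack-tools.
CONNTRACK=${CONNTRACK:-conntrack}

# Succeeds only for a dotted-quad IPv4 address with every octet in 0-255,
# so nothing else ever reaches a command that runs as root.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Number of tracked flows whose source is $1. stderr is discarded so that
# only flow entry lines are counted.
count_flows() {
    $CONNTRACK -L -s "$1" 2>/dev/null | wc -l | tr -d ' '
}

# flush_source IP [TIMEOUT]: delete the flows, poll once a second until none
# remain or TIMEOUT seconds pass (default 60, the "up to 1 minute" above).
# Prints "<before> <remaining>"; exit status 0 only when nothing remains.
flush_source() {
    ip=$1; timeout=${2:-60}
    is_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 2; }
    before=$(count_flows "$ip")
    if [ "$before" -gt 0 ]; then
        $CONNTRACK -D -s "$ip" >/dev/null 2>&1 || true
        waited=0
        while [ "$(count_flows "$ip")" -gt 0 ] && [ "$waited" -lt "$timeout" ]; do
            sleep 1; waited=$((waited + 1))
        done
    fi
    remaining=$(count_flows "$ip")
    echo "$before $remaining"
    [ "$remaining" -eq 0 ]
}

# Run only when an address is given: sh flush.sh 192.168.1.102
if [ "$#" -gt 0 ]; then flush_source "$@"; fi
```

A non-zero exit status means entries from that address were still tracked when the timeout expired, so check again before restarting Shorewall.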

Block An IP Address

shorewall drop {IP-ADDRESS}

Allow An IP Address

shorewall allow {IP-ADDRESS}