Shorewall

From Indie IT Wiki
Revision as of 14:43, 20 September 2015 by imported>Indieit

Shoreline Firewall (Shorewall) Tips

To list the connections from an IP address:

conntrack -L -s 192.168.0.103

To drop all the connections from an IP address:

conntrack -D -s 192.168.1.102

It can take up to 1 minute to drop all of them, so be patient. You can then restart Shorewall and be certain that any NEW connections (not ESTABLISHED ones) will be accounted for.

Block An IP Address

shorewall drop {IP-ADDRESS}
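
An added example, not part of the original wiki page: a shell function that combines the block with the conntrack deletion shown earlier, so that connections already tracked from the address do not outlive the block. The function names, the DRY_RUN variable and the block-then-flush ordering are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the wiki page). Function names and DRY_RUN are assumptions.
# Usage, as root: block_and_flush 192.168.1.102

# Succeed only for a dotted-quad IPv4 address with every octet in 0-255,
# so that option-like or malformed input never reaches the commands below.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Run a command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

block_and_flush() {
    ip=$1
    is_ipv4 "$ip" || { echo "refusing non-IPv4 argument: $ip" >&2; return 2; }
    # Assumed ordering: block first, so packets arriving after the flush
    # are matched as NEW against the drop.
    run shorewall drop "$ip" || return 1
    # Deleting can take up to a minute (per the page); a failure here is not fatal.
    run conntrack -D -s "$ip" || true
    [ "${DRY_RUN:-0}" = 1 ] && return 0
    # Count the entries still tracked for this source (one per output line).
    left=$(conntrack -L -s "$ip" 2>/dev/null | wc -l)
    echo "$left tracked connections remain from $ip"
}
```

Run it once with DRY_RUN=1 to see the two commands it would issue before running it for real.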

Allow An IP Address

shorewall allow {IP-ADDRESS}