Re: Filtering IP numbers?

From: Bob Romprey (
Date: Mon Dec 18 2000 - 01:17:35 CET

('binary' encoding is not supported, stored as-is) Michele,

I thank you, and added this to my personal notebook.
But as an afterthought it occured that dynamic IP numbers would make it difficult to deny any single user without denying an entire at least class C network.
 As a result I've implemented a different httpd deamon which allows me to deny access based on User-Agent, which is probably a "neater" way to deny access to those that use what's known as "download managers".(socket suckers)
Without affecting anyone else on that particular network or even that particular user if using something a bit more civilized(IMHO).


>Date: Sat, 16 Dec 2000 12:24:23 +0100
>From: Michele Andreoli <>
>Subject: Re: Filtering IP numbers?
>On Fri, Dec 15, 2000 at 08:04:05PM -0800, Bob Romprey nicely wrote:
>> Greetings,
>> Asking a question for a change.
>> I need to find out if there's any way to disclude any particular class B or class C network from accessing thttpd through muLinux.
>> winsor
>ipfwadm -I -i reject -S -P tcp -D 0/0 80
>In this example, every coming from 192.168.2.* and going to port 80/tcp is
>blocked in input (-I). If you wish to block also forwarding (for example,
>to internet), the same line but -I -> -F.
>Please, try also the script "ipf" in muLinux: it is a sort of "fdisk"
>for IP filtering.
>In summing up, I wish I had some kind of affirmative message to leave
>you with, I don't. Would you take two negative messages? - Woody Allen
>To unsubscribe, e-mail:
>For additional commands, e-mail:

Visit the world's greatest site at and listen to the fart
of the day. Also, get your very own E-mail account. FREE!!!!!

To unsubscribe, e-mail:
For additional commands, e-mail:

This archive was generated by hypermail 2.1.6 : Sat Feb 08 2003 - 15:27:17 CET