[ale] [OT] info on x10 browser popups

Mike Millson mgm at atsga.com
Mon Apr 1 11:29:52 EST 2002


I'm just curious. Why did you choose to put the rule on the OUTPUT chain? My
thought was that the INPUT chain would maybe be a better place for it
because it was farther upstream.

Mike

-----Original Message-----
From: Geoffrey [mailto:esoteric at 3times25.net]
To: ale at ale.org
Sent: Saturday, March 30, 2002 11:05 PM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] [OT] info on x10 browser popups


Kevin Krumwiede wrote:
> You'd want to block the request for the page, and make sure the rule
> comes early so some other rule doesn't accept before it reaches this
> one:
>
> iptables -I OUTPUT 1 -d 63.211.210.22 -j DROP

I think the main problem here is that I'm sure x10 has more then one
server out there, hence you'll need to identify all their ip's in order
to block all the servers.  I don't think this is going to be an easy task.

i=1
while [ $i -le 254 ]; do
	dig -x 63.211.210.${i}
done

Then of course, they're bound to have other subnets as well.

>
> I tried to make it rule 0, but it appears that the rule numbering is
> 1-based???  Hmm..
>
> Krum
>
> On Sat, 2002-03-30 at 09:45, Mike Millson wrote:
>
>>Is this the iptables rule that would do this?
>>
>>iptables -A INPUT -p tcp -s 63.211.210.22 -j DROP
>>
>
>
>


--
Until later: Geoffrey		esoteric at 3times25.net

I didn't have to buy my radio from a specific company to listen
to FM, why doesn't that apply to the Internet (anymore...)?


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list