Denying Access to Problem Sites Up Front

If some site is making a habit of scanning your machine or otherwise being a nuisance, you might decide to deny it access to everything, at least until the problem behavior is corrected.

One way to do this without editing the rc.firewall script each time is to include a separate file of specific drop rules. Because the rules are inserted at the head of the INPUT chain rather than appended to it, the site is blocked even if a later rule would otherwise allow it access to some service. The file is named /etc/rc.d/rc.firewall.blocked. To avoid a runtime error when no such file exists, check for the file's existence before trying to include it:

 # Refuse packets claiming to be from the banned list
 if [ -f /etc/rc.d/rc.firewall.blocked ...
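The full pattern, as an added example rather than the book's own rc.firewall code: the main script includes the rule file only if it exists, and the included file holds one insert-at-top DROP rule per banned address. It assumes the iptables path is held in a variable named IPT (setting IPT=echo gives a dry run that prints the rules instead of loading them), the rule file path in BLOCKED, and the two function names are this example's own.

```shell
#!/bin/sh
# Added example; not the book's rc.firewall code. Shows the pattern above:
# the firewall script includes a separate file of DROP rules only if that
# file exists, and the included rules use -I INPUT (insert), not -A (append),
# so a banned address is refused before any later ACCEPT rule can match.
# Assumptions: IPT holds the iptables path (IPT=echo gives a dry run that
# prints the rules instead of loading them); the rule file path comes from
# BLOCKED; the function names are this example's own.

IPT="${IPT:-/sbin/iptables}"
BLOCKED="${BLOCKED:-/etc/rc.d/rc.firewall.blocked}"

# Refuse packets claiming to be from the banned list.
# Testing for the file first means "nobody banned" is not a runtime error.
include_blocked_rules() {
    file="${1:-$BLOCKED}"
    if [ -f "$file" ]; then
        . "$file"
    fi
}

# Generate a blocked-rule file from the addresses given as arguments.
# Every rule is inserted at the top of INPUT so it wins over later rules.
write_blocked_file() {
    out="$1"
    shift
    {
        printf '# Hosts denied all access; sourced by rc.firewall\n'
        for addr in "$@"; do
            # Allow only digits, dots and an optional /prefix in an entry
            case "$addr" in
                *[!0-9./]*) printf 'bad address: %s\n' "$addr" >&2; continue ;;
            esac
            printf '$IPT -I INPUT -s %s -j DROP\n' "$addr"
        done
    } > "$out"
}
```

Run with IPT=echo first to review the rules that would be inserted; with the real iptables path the same call loads them into the kernel.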

Get Linux Firewalls, Third Edition now with the O’Reilly learning platform.