Article delegate-en/328 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<Pine.LNX.4.05.9903051113330.15079-100000@mail.net4u.ro>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: How to disable a specific CLIENT ip?
05 Mar 1999 20:08:32 GMT ysato@etl.go.jp (Yutaka Sato 佐藤豊)


In message <Pine.LNX.4.05.9903051113330.10000-00000X@mail.net4u.ro>
on 03/05/99(18:15:13):
 |> The easiest way I think is:
 |>   # route add host TheHost localhost 0
 |
 |On what O/S ?

Of course some (Unix) systems will provide more appropriate ways to
shut out the IP route to a specific target host (or net), but I think
routing it to the local loopback interface (localhost) is one of
common basic ways.

  SunOS/5.6     /usr/sbin/route add  host TargetHost localhost 0
  SunOS/4.1      /usr/etc/route add  host TargetHost localhost 0
  DEC-OSF1/4.0      /sbin/route add -host TargetHost localhost
  FreeBSD2.2        /sbin/route add -host TargetHost localhost 0
  Linux             /sbin/route add -host TargetHost reject

Rejecting any access from (or to) specified host (or net) by a proxy
server on the application layer is not efficient.  It should be done
on the IP layer.  So I've thought it will be useful to control the
routing in IP level by DeleGate semi-automatically.  The route command
has been a candidate of the method for the control, but I've thought
maybe I should use SNMP protocol to make it independent of platforms
of DeleGate, usable by non-root owners of DeleGate, and applicable to
remote routers.

Cheers,
Yutaka
--
Yutaka Sato <ysato@etl.go.jp> http://www.etl.go.jp/~ysato/   @ @ 
Computer Science Division, Electrotechnical Laboratory      ( - )
1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan            _<   >_

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V