[svlug] Blocking Pirch

Tim tim at tetro.net
Sun Sep 1 05:04:37 PDT 2002

Previous message: [svlug] Blocking Pirch
Next message: [svlug] Blocking Pirch
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Sep 01, 2002 at 06:39:42PM +0700, Neil Kittipalo wrote:
> I've some Windoze boxes on which people like to waste time with Pirch chat 
> rooms.
> Internet access is through a 486 running Suse 6.2 (it's been up a long time!)
> This is using ipchains for the firewall.
> What is the best way to block Pirch on the Windoze boxes? With ipchains or 
> something in /etc/services?

Assuming eth0 goes to your internal network, this might work:

  ipchains -I 1 input -i eth0 -p tcp --dport 6660:6670 -y -j DENY

Of course.. that would block ALL machines from connecting to most IRC
servers.. if you just want to block the Windows machines then maybe you
can have a rule to block each address using the -s option.

Maybe you should have rules to allow only certain outgoing connections,
like those with a destination port of 80, and block the rest.

> I don't seem to able to find this documented anywhere.

I found ``man ipchains'' most helpful.
Also there is a HOWTO for ipchains:
  http://www.tldp.org/HOWTO/IPCHAINS-HOWTO.html

   - Tim

Previous message: [svlug] Blocking Pirch
Next message: [svlug] Blocking Pirch
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list