118,8 → 118,15 |
|
# Insertion de règles de blocage (Devel) |
# Here, we add block rules (Devel) |
if [ -f /usr/local/etc/alcasar-iptables-block.sh ]; then |
. /usr/local/etc/alcasar-iptables-block.sh |
if [ -s /usr/local/etc/alcasar-iptables-block ]; then |
while read ip_blocked |
do |
echo "Network Address blocked : $ip_blocked" |
$IPTABLES -A FORWARD -d $ip_blocked -j ULOG --ulog-prefix "RULE IP-blocked -- REJECT " |
$IPTABLES -A FORWARD -d $ip_blocked -j REJECT |
$IPTABLES -A FORWARD -s $ip_blocked -j ULOG --ulog-prefix "RULE IP-blocked -- REJECT " |
$IPTABLES -A FORWARD -s $ip_blocked -j REJECT |
done < /usr/local/etc/alcasar-iptables-block |
fi |
|
# Rejet des demandes de connexions non conformes (FIN-URG-PUSH, XMAS, NullScan, SYN-RST et NEW not SYN) |
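Review bot: In the new `while read ip_blocked` loop, each line of /usr/local/etc/alcasar-iptables-block is expanded unquoted into four `$IPTABLES -A FORWARD` commands with no validation, so a blank or comment line makes iptables fail and a line containing spaces is word-split into extra iptables arguments. Read with `while IFS= read -r ip_blocked`, skip anything that is not an address or CIDR with `case "$ip_blocked" in ''|\#*|*[!0-9./]*) continue ;; esac`, and pass `"$ip_blocked"` quoted in all four rules. Because this file feeds the firewall directly, it should be owned and writable by root only; if another component writes it (not visible here), that component can effectively change the ruleset. The rules are appended with `-A`, so they only block traffic if no earlier FORWARD rule outside this hunk has already accepted it.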