NAME

       sanewall-blacklist - set up a unidirectional or bidirectional blacklist

SYNOPSIS

       blacklist [full | all] ip...

       blacklist {input | them | him | her | it | this | these} ip...

DESCRIPTION

       The blacklist helper command creates a blacklist for the ip list given (which can be in
       quotes or not).

       If the type full or one of its aliases is supplied, or no type is given, a bidirectional
       stateless blacklist will be generated. The firewall will REJECT all traffic going to the
       IP addresses and DROP all traffic coming from them.

       If the type input or one of its aliases is supplied, a unidirectional stateful blacklist
       will be generated. Connections can be initiated to such IP addresses, but the IP addresses
       will not be able to connect to the firewall or hosts protected by it.

       Any blacklists will affect all router and interface definitions. They must be declared
       before the first router or interface.

EXAMPLES

           blacklist full 192.0.2.1 192.0.2.2
           blacklist input "192.0.2.3 192.0.2.4"

SEE ALSO

           Sanewall program: sanewall(1)
           Sanewall configuration: sanewall.conf(5)

AUTHOR

       Sanewall Team

COPYRIGHT

       Copyright © 2012, 2013 Phil Whineray <phil@sanewall.org>