I am wondering what the best way to block certains IPs from a Linode would be.

Would it be best to install a full firewall product? My main concern is something like iptables seems to need a custom kernel, and I do not know anything about UML or the way the kernel works in a UML environment.

I am very comfortable re-compiling kernels on normal boxes, but I am not sure how this would affect a linode.

Anyone have any suggestions?

iptables doesn't need a custom kernel. It's true that iptables is controlled from kernel options, but most kernels - including the standard ones on Linode - enable it by default.

I'm not quite sure how to use it myself, but I can tell you that it's enabled and works - at least on my Linode, and I haven't done anything special with iptables.

Hmm I tried to emerge iptables in gentoo on my linode, but it would not compile because it could not access the kernel source.

Any ideas? I coudl emerge one of the various kernel sources but I would wonder if it is different the the actual kernel being used on the linode.

iptables comesby deafult because it is required by the kernal to run (i think does on my home box) so try that i use webmin to edit my tptables rules

If you already know which ips you want to block, put the ips in /etc/hosts.deny . (ALL: aaa.bbb.ccc.ddd)

Will /etc/hosts.deny block all traffic from those IPS (TCP, UDP, ICMP etc) ?

Lame bug in Gentoo. From another Linode user: "One work-around is to comment out the check_KV function in the iptables build."

All it wants is version.h...

-Chris

Thanks I got it installed and have been able to add rules to block IPs

man hosts_access