Blocking access to an ip address

      No Comments on Blocking access to an ip address

Sometimes you need to block access to a specific ip address for test purposes – for instance to simulate unavailability of a web-service.

Here’s how to do it on macOS and Linux. In both cases, we’ll block access to 192.168.0.10. Any existing connections will also be blocked.

On macOS:

$ sudo nano /etc/pf.conf

# add the line:
# block drop from any to 192.168.0.10

$ sudo pfctl -e -f /etc/pf.conf
# to activate it

=====================================
To unblock again:

$ sudo nano /etc/pf.conf
# remove the line:
# block drop from any to 192.168.0.10

$ sudo pfctl -e -f /etc/pf.conf
# to activate it

on Linux:

# to block access to 192.168.0.10 (note: ens160 is the network interface name)
$ sudo iptables -I FORWARD -o ens160 -d 192.168.0.10 -j DROP

# and to unblock it again:
$ sudo iptables -D FORWARD -o ens160 -d 192.168.0.10 -j DROP

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.