# Iptables
iptables -A INPUT -p tcp -s 1.2.3.4 --sport 1024:65535 -d mailhost.sans.com --dport 22 -j LOG --log-level info
iptables -A INPUT -p tcp -s 1.2.3.4 --sport 1024:65535 -d mailhost.sans.com --dport 22 -j DROP
iptables -A FORWARD -p tcp -s 1.2.3.4 --sport 1024:65535 -d mailhost.sans.com --dport 22 -j LOG --log-level info
iptables -A FORWARD -p tcp -s 1.2.3.4 --sport 1024:65535 -d mailhost.sans.com --dport 22 -j DROP

# Ipchains
ipchains -A input -p tcp -s 1.2.3.4 1024:65535 -d mailhost.sans.com 22 -l -j DENY

! Cisco IOS
Access-list 101 deny tcp host 1.2.3.4 range 1024 65535 host mailhost.sans.com eq 22 log

# ipfilter
block in log proto tcp from 1.2.3.4 port = 1024:65535 to mailhost.sans.com port = 22

Please enter the IP and/or port(s) you wish to block. Any of the following may be left blank; blank addresses will be treated as "Any address" and blank ports will be treated as "Any port".

Source Address
Examples: somehost, somehost.somedomain.com, 1.2.3.4
Source Port
Examples: 12, 1024:65535
Destination Address
(Same format as Source Address)
Destination Port
(Same format as Source Port)
Protocol tcp udp

Created by the blockrules program. See http://www.stearns.org for more information about this tool and updated versions.