I want to prohibit the IP XXX.XXX.X.XX from controlling my desktop through vinagre. How to achieve this?

I have added 'vncserver:XXX.XXX.X.XX' in /etc/hosts.deny, but it does not work.

Your help is appreciated. :p

Do you wish to black list the ip entirely , or just from vinagre ?

blacklist :
sudo iptables -I INPUT 1 -s XXX.XXX.XX.XXX -j DROPIf just from vinagre


sudo iptables -I INPUT 1 -s XXX.XXX.XX.XXX -p tcp --dport 5900:5910 -j DROPYou can use iptables (as in the examples above), ufw, or if you wish a gui tool gufw or guarddog.

If you use iptables, you need to save and restore your changes.


sudo -c bash "iptables-save > /etc/iptables-saveNow edit /etc/rc.local


gksu gedit /etc/rc.localAdd this one line :


iptables-restore < /etc/iptables-save

Just a correction to typos. If just from vinagre:

sudo iptables -I INPUT 1 -s XXX.XXX.XX.XXX -p tcp --dport 5900:5910 -j DROP

Thanks The Cog, I edited my post as well.

Thank you, bodhi.zazen and The Cog. Your help is highly appreciated. :P

If I want to black list all ip except ip1 and ip2, just from vinagre, how should I do? :confused:

Thanks.

sudo iptables -I INPUT 1 -s good_ip_1 -p tcp --dport 5900:5910-j ACCEPT
sudo iptables -I INPUT 2 -s good_ip_2 -p tcp --dport 5900:5910 -j ACCEPT
sudo iptables -I INPUT 3 -p tcp --dport 5900:5910 -j DROP

Change "good_ip_1" and "good_ip_2" to the ip addresses you wish to allow.

sudo iptables -I INPUT 1 -s good_ip_1 -p tcp --dport 5900:5910-j ACCEPT
sudo iptables -I INPUT 2 -s good_ip_2 -p tcp --dport 5900:5910 -j ACCEPT
sudo iptables -I INPUT 3 -p tcp --dport 5900:5910 -j DROP

Change "good_ip_1" and "good_ip_2" to the ip addresses you wish to allow.

Thank you very much.