# apt install portsentry
Настраивается по умолчанию
# cat /etc/portsentry/portsentry.conf
... BLOCK_UDP="0" BLOCK_TCP="0" ...
# tail -f /var/log/syslog ИЛИ # journalctl -f
# cat /etc/portsentry/portsentry.conf
... BLOCK_UDP="1" BLOCK_TCP="1" ...
# cat /etc/portsentry/portsentry.conf
... # Newer versions of Linux support the reject flag now. This # is cleaner than the above option. KILL_ROUTE=... ...
/sbin/route del -host 192.168.N.M reject
# :> /etc/hosts.deny # cat /etc/portsentry/portsentry.conf
... KILL_HOSTS_DENY="ALL: $TARGET$" ...
# cat /var/lib/portsentry/portsentry.blocked.*