NetAdminTools.com
 
Categories:
GNU/Linux | Homebrew designs | Perl | Ruby | Administration | Backup/Recovery | Bugs/Fixes | Certification | Database | Email | File/Print | Hardware | Information Grab Bag | Interoperability | GNU/Linux ABCs | Monitoring | Name Resolution | Network Services | Networking | Remote Control | Security | Desktop | Web | BSD | Solaris | GIAGD | ERP | REALbasic

Last 30 Days | Last 60 Days | Last 90 Days | All Articles | RSS


Categories:
·GNU/Linux
·Homebrew designs
·Perl
·Ruby
·Administration
·Backup/Recovery
·Bugs/Fixes
·Certification
·Database
·Email
·File/Print
·Hardware
·Information Grab Bag
·Interoperability
·GNU/Linux ABCs
·Monitoring
·Name Resolution
·Network Services
·Networking
·Remote Control
·Security
·Desktop
·Web
·BSD
·Solaris
·GIAGD
·ERP
·REALbasic
·All Categories


Block IP Addresses With IPtables
Topic:Security   Date: 2003-02-27
Printer Friendly: Print   Mobile View: mobile

spacerspacer
<<  <   >  >>

Subject

We wrote about blocking particular IP addresses with the route command here. If you are already using iptables, or want to start, a better way is to block particular hosts:

iptables -I INPUT -s 25.55.55.55 -j DROP

This command will simply drop any packet coming from the address 25.55.55.55. To list the chains:

iptables -L -n
.
.
.
DROP       all  --  25.55.55.55          0.0.0.0/0          
DROP       all  --  202.55.56.55         0.0.0.0/0
.
.
.

The -n sticks with just IP addresses, rather than resolving the name. This is useful if you have a lot of IP addresses. It can take a lot of time to resolve all of the addresses, particularly since they are probably funky. After all, you have blocked them for some reason. If you need to investigate with names, just use the command with out -n:

iptables -L
.
.
.
DROP       all  --  55.55.55.25.i.portscan.com  anywhere           
DROP       all  --  55.56.55.202.many.fetch.api.request.com anywhere 
.
.
.

If you later decide that you don't want to drop packets from a particular host, use the -D option instead of -I:

 
iptables -D INPUT -s 25.55.55.55 -j DROP

For more details on iptables, here is the manpage. Do be careful about changing firewall/route settings on remote servers, OK? You can block the rest of the world and yourself out with the wrong command.


People:
Places:
Things:
Times:





Please read our Terms of Use and our Privacy Policy
Microsoft, Windows, Windows Server are either trademarks or registered trademarks of Microsoft Corporation. NetAdminTools.com is not affiliated with Microsoft Corporation. Linux is a registered trademark of Linus Torvalds, and refers to the Linux kernel. The operating system of most distributions that contain the Linux kernel is GNU/Linux. All logos and trademarks in this site are property of their respective owner. Copyright 1997-2013 NetAdminTools.com