Friday, July 13, 2007

TIP: block an IP address

Here is a basic way to block a particular IP address using iptables.

Say the IP address is 192.168.0.254. Open a terminal and, as root, add this rule:

# iptables -I INPUT -s 192.168.0.254 -j DROP

To view this rule along with the others currently loaded:

# iptables -L -n

Alternatively, you might want to use the route command like so:

# route add -host 192.168.0.254 reject

to block the same IP address from connecting to your host.

These come in very handy when used inside shell scripts for batch work. Say you want to block 512 non-consecutive IP addresses from the server: just create a file listing them and feed it to a script that processes them, like so


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#!/bin/sh
# Read one IP address per line from bad-ip.lst and drop traffic from it.
# (A plain while/read loop works in any POSIX sh; $(< file) is bash-only.)
while read -r i; do
    [ -z "$i" ] && continue              # skip blank lines
    iptables -I INPUT -i eth1 -s "$i" -j DROP
    # OR, using the routing table instead of the packet filter:
    # route add -host "$i" reject
done < bad-ip.lst
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The file bad-ip.lst contains the list of IP addresses, one per line, like so:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~
192.168.0.252
192.168.0.233
192.168.0.212
...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
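A malformed line in bad-ip.lst (a typo, a stray comment, a Windows line ending) would be handed straight to iptables by the loop above. The following script, an added example rather than code from the original post, validates each entry as a dotted-quad IPv4 address first and prints the resulting iptables commands so they can be reviewed before being run; the function names and the list format with `#` comments are this example's own assumptions.

```shell
#!/bin/sh
# Added example: validate a block list before it reaches iptables.

# Return 0 if $1 is a plain dotted-quad IPv4 address (each octet 0-255), else 1.
valid_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS
    IFS=.
    set -- $1          # split the address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read a block list on stdin (one address per line; blank lines and text
# after '#' are ignored) and print one iptables command per valid address.
# Invalid entries are reported on stderr and skipped instead of being applied.
build_rules() {
    while IFS= read -r line; do
        ip=${line%%#*}                       # drop trailing comment
        ip=$(echo "$ip" | tr -d ' \t\r')     # drop whitespace and CR
        [ -z "$ip" ] && continue
        if valid_ipv4 "$ip"; then
            echo "iptables -I INPUT -s $ip -j DROP"
        else
            echo "skipping invalid entry: $line" >&2
        fi
    done
}

# Usage (as root):  build_rules < bad-ip.lst          # review the rules
#                   build_rules < bad-ip.lst | sh     # apply them
```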

Basically, that's it.
