Here is a basic way to block a particular IP address using iptables
Say the IP address is 192.168.0.254, just launch your terminal editor and make sure you have these line
# iptables -I INPUT -s 192.168.0.254 -j DROP
To view them and other rules
# iptables -L -n
Alternatively, you might want to use the route command like so:
# route add -host 192.168.0.254 reject
to block the same IP address from conncting to your host.
These comes very hand when used inside shell scripts by batches, let's say you want to block non-consecutive 512 sets of IP address from the server, you can just create file and throw it to the script that process them, like so
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#!/bin/sh
for i in $(< bad-ip.lst) ; do
iptables -I INPUT -i eth1 -s "$i" -j DROP
# OR
route add -host $i reject
done
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File bad-ip.lst filr contains the list of IP addresses separated by lines like so:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
192.168.0.252
192.168.0.233
192.168.0.212
...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Basically, that's it.
Subscription
Categories
- HowTos (612)
- Linux Devices (40)
- Linux Diggs (620)
- Linux News (1541)
- Linux Videos (24)
Recent Posts
Blog Archive
-
▼
2007
(340)
-
▼
July
(107)
- AMSN messenger install howto
- firefox browser - yum update howto
- kopete messenger install howto
- Gaim pidgin messenger install howto
- xmms - multimedia player install howto
- UltraDMA - speedup your harddisk howto
- sabayon - user profile manager howto
- 50 quick linux command tips part 3
- No negotiations with Microsoft in progress
- connect SamSung D820 mobile to linux howto
- yum from ISO image or CD install howto
- missing portmap reinstall howto
- 50 quick linux command tips part 2
- 50 quick linux command tips part 1
- desktop wiki install howto
- NASA tests Linux for spacecraft control
- warzone 2100 strategy 3d game install howto
- motd - message of the day
- more with kernel name version howto
- stop and start networking service howto
- change network proxy preference howto
- alexa firefox toolbar plugin install howto
- reboot / halt system via CLI howto
- gparted partitioning install howto
- google picasa install howto
- pine and pico install howto
- adobe/macromedia flash player test and install howto
- realplayer install howto
- Microsoft's TrueType core fonts install howto
- Why Choose Fedora? (Fedora vs. Ubuntu)
- Microsoft vs Opensource
- the df command
- linux possessed by monsterz
- change display setting howto
- NTP clock synchronization howto
- qtparted partitioning magic install howto
- host name and host aliases explained
- IP aliasing - virtual IP howto
- viruskiller on linux
- change keyboard language setting
- changing ethernet card settings howto
- TIP: WiFi with chillispot and linux
- play tennis the linux way
- sudoku game install howto
- my linux box talked to me
- CD/DVD burning software install howto
- A SYSAD BLOG - LINUX: list out active host connect...
- list out active host connection howto
- more with linux command named history
- GnuPG and enigmail thunderbird add-ons
- PDF file readers install howto
- digikam - KDE photo management install howto
- gnome floppy formatter
- f-spot Gnome photo manager install howto
- VLC media player install howto
- ping IP subnet block howto
- TIP: find and delete files recursively
- list out opened host ports howto
- TIP: linux process priority scheduling management
- TIP: spammer sending email using squid
- remount partition as read only howto
- additional swap file howto
- CrossOver install howto
- system-config-securitylevel-tui and lokkit howto
- format a windows partition from linux hadrdisk
- TIP: monitoring while mounting USB devices
- zero-sized a file without permission / ownership c...
- TIP: auto create mail spool when adding user
- md5sum checksum howto
- IP address to country lookup howto
- gnome mail notification install howto
- add new harddisk to existing linux system
- TIP: block an IP address
- disk space report
- more trace route command alternatives
- changing your hardware / software clock howto
- other interesting ping commands
- send email via CLI howto
- adding static route howto
- send message to all logged in users
- unzip zip untar tar bzip2 bunzip2 gzip gunzip file...
- format of /etc/passwd, /etc/shadow and /etc/group
- remove user's cron jobs howto
- find the user's files howto
- passphraseless + passwordless ssh howto
- passwordless ssh howto
- X11 Forwarding via ssh howto
- skype install howto
- disable IPv6
- lsusb - list all USB devices
- make yum faster
- lspci - list all PCI devices
- kill a process
- beginners CLI guide for static ip address
- the pidof command
- retrieve data from mysql using bash script
- VirtualBox install howto
- call bash script inside php web page
- alternative linux browsers
- last / currently logged in users
-
▼
July
(107)
Friday, July 13, 2007
TIP: block an IP address
Subscribe to:
Post Comments (Atom)
ILoveTux - howtos and news | About | Contact | TOS | Policy
0 comments:
Post a Comment