Thursday, August 16, 2007

Block consecutive IP addresses using scripts

How to block a long list of consecutive IP addresses?
How to call the Linux route command inside a script?
How to block consecutive IP addresses using a bash script or a perl script?
How to block local IP addresses permanently?

There are times when a server does not need to listen to or process any TCP/UDP requests from a long list of consecutive local IP addresses.

This blog entry provides a starting point for creating server scripts that permanently block a long list of consecutive IP addresses from the server.

To start, launch your favorite editor and create an IPblock.sh bash script with contents similar to the next few lines. This blog entry assumes that you have the bash shell and perl installed on the machine.

In the example below, we are permanently blocking the IP addresses from 192.168.0.10 to 192.168.0.254.

Here's a simple sample script that does the job.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#!/bin/bash
echo "Blocking started ..."

# Add a reject route for each host from 192.168.0.10 to 192.168.0.254
for ((i=10; i<=254; i=i+1)); do
    /sbin/route add -host 192.168.0.$i reject
done

echo "Done"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



The same thing can be accomplished with a perl script. Create a separate IPblock.pl perl script like so.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#!/usr/bin/perl -w
use strict;

# Add a reject route for each host from 192.168.0.10 to 192.168.0.254
my $i;
for ($i=10; $i<=254; $i++) {
    system("/sbin/route add -host 192.168.0.$i reject");
}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make sure these scripts are executable by root only, like so:

# chmod 700 IPblock.sh
# chmod 700 IPblock.pl


Now, to execute each one individually:

# ./IPblock.sh
# ./IPblock.pl

Additionally, the above scripts can be scheduled for regular execution with the crontab utility if you need that.
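
The same loop, generalized as an added example (not code from the original post): it takes the action (add or del), a three-octet prefix and the first and last host number, validates them, and prints the route commands so they can be reviewed before being applied. The function names and the APPLY variable are assumptions of this example.

```bash
#!/bin/bash
# Added example, not from the original post; helper names are hypothetical.
ROUTE=/sbin/route

# True only for a decimal 0..255 with no leading zero, sign, or other text.
is_octet() {
    case "$1" in
        ''|*[!0-9]*|0?*) return 1 ;;
    esac
    [ "${#1}" -le 3 ] && [ "$1" -le 255 ]
}

# True only for exactly three dotted octets, e.g. 192.168.0
valid_prefix() {
    local a rest b c
    a=${1%%.*}; rest=${1#*.}
    b=${rest%%.*}; c=${rest#*.}
    [ "$1" = "$a.$b.$c" ] && is_octet "$a" && is_octet "$b" && is_octet "$c"
}

# Print one route command per host: build_route_cmds add|del PREFIX START END
build_route_cmds() {
    local action="$1" prefix="$2" i="$3" end="$4"
    case "$action" in
        add|del) ;;
        *) echo "action must be add or del" >&2; return 2 ;;
    esac
    valid_prefix "$prefix" && is_octet "$i" && is_octet "$end" &&
        [ "$i" -le "$end" ] ||
        { echo "invalid range: $prefix.$i-$end" >&2; return 2; }
    while [ "$i" -le "$end" ]; do
        echo "$ROUTE $action -host $prefix.$i reject"
        i=$((i + 1))
    done
}

# Dry run by default (prints the commands); APPLY=1 executes them as root.
if [ "$#" -eq 4 ]; then
    cmds=$(build_route_cmds "$@") || exit 2
    if [ "${APPLY:-0}" = 1 ]; then
        echo "$cmds" | while read -r cmd; do
            $cmd || echo "failed: $cmd" >&2
        done
    else
        echo "$cmds"
    fi
fi
```

Saved under a name of your choice (IProute.sh here is hypothetical), `./IProute.sh add 192.168.0 10 254` prints the commands and `APPLY=1 ./IProute.sh add 192.168.0 10 254` runs them. Routes added with route exist only in the running kernel's routing table, so they have to be re-applied after a reboot to stay in force.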
