LinuxQuestions.org - Trying to configure Iptables to block certain internal IP's

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - Trying to configure Iptables to block certain internal IP's (https://www.linuxquestions.org/questions/linux-networking-3/trying-to-configure-iptables-to-block-certain-internal-ips-774006/)

rubberducky

12-07-2009 10:19 AM

Trying to configure Iptables to block certain internal IP's

I have an ubuntu server that acts as a gateway. Right now we have certain people who are allowed to access the net, and ones that aren't. What I'm trying to do is block the IP range that we dont want accessing the net. I tried 'iptables -I INPUT -m iprange --src-range 192.168.1.20-192.168.1.254 -j DROP' but that didnt work. What am I doing wrong?

nimnull22

12-07-2009 10:42 AM

INPUT chain - for incoming to firewall traffic, OUTPUT chain - for outgoing.

rubberducky

12-07-2009 11:20 AM

D'oh!
It still didnt work though. The command I used was: 'iptables -I OUTPUT -m iprange --src-range 192.168.1.20-192.168.1.254 -j DROP'

nimnull22

12-07-2009 11:27 AM

check your rule list with command from root console: iptables-save

nimnull22

12-07-2009 11:37 AM

And what is "iprange"?

rubberducky

12-07-2009 12:29 PM

Finally got it using 'sudo iptables -A INPUT -m iprange --src-range 192.168.1.20-192.168.1.254 -i eth1 -j DROP'

iprange is a nice little command I picked up from http://www.cyberciti.biz/tips/linux-...-or-ports.html
:) awesome little tool from all appearances.
Thanks a lot for the help!

All times are GMT -5. The time now is 09:52 PM.