LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-14-2006, 04:56 PM   #1
asif2k
Member
 
Registered: Mar 2006
Location: Texas
Distribution: Fedora Project
Posts: 79

Rep: Reputation: 15

how do i deny an IP in my iptalbes? for example, let's say i want to deny IP 10.1.1.1 ? i am getting known hacks from certain IP's and I want to deny them?

last line in my iptables config file.
Code:
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
thank you

Last edited by asif2k; 04-14-2006 at 05:00 PM.
 
Old 04-14-2006, 06:33 PM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by asif2k
how do i deny an IP in my iptalbes? for example, let's say i want to deny IP 10.1.1.1 ?
like this:
Code:
iptables -I INPUT -s 10.1.1.1 -j DROP
 
Old 04-16-2006, 06:36 PM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Also, once you are happy with your changes, make sure to save them so that they will be persistant across rebooting with: service iptables save

//Note: Please start your own threads unless you are responding to someone elses question. Moving your question to its own thread
 
Old 04-18-2006, 07:33 PM   #4
gabsik
Member
 
Registered: Dec 2005
Location: This planet
Distribution: Debian,Xubuntu
Posts: 546

Rep: Reputation: 30
You can add those dynamic ips to the hosts.deny too but what is the point of blocking dynamic ips ? That's the question ?
 
Old 04-18-2006, 11:22 PM   #5
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Caveat with using tcp_wrappers (hosts.allow/deny) is that it only works for daemons that have support for libwrap. Not all do (Apache, Postfix and others do not) so make sure to check the docs to verify whether hosts.deny can do what you want.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
blocking an IP using iptables picox Linux - Security 7 12-10-2010 02:00 PM
Blocking Emule with Iptables Palula Linux - Networking 12 08-26-2005 12:21 PM
iptables - Blocking an URL ddaas Linux - Security 2 10-14-2004 06:36 PM
blocking MSN using iptables? systemgsr Linux - Networking 16 09-04-2003 11:59 AM
Blocking Kazaa with Iptables, Anyone? markng Linux - Security 6 06-27-2003 06:35 PM


All times are GMT -5. The time now is 11:31 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration