Blocking IP ranges to the Internet
Here is my scenario:
I have setup DHCP on a network with set ranges for valid IPs I want passed out. The range is 192.168.101.75-200 I have noticed that there are certain people on this network (the network is for Internet access) that have statically given themselves IP addresses outside my predefined ranges. I would like to block them via IPTables so that they cannot get anywhere with their addresses. Would the following command via IPTables work: Code:
iptables -A INPUT -s 192.168.101/26 -j DROP Also what would be the rule to drop traffic from IPs below 75 (except my gateway which is on 192.168.101.1)? Thanks in advance |
Found the answer here is the correct IPTables syntax:
Code:
iptables -A INPUT -m iprange --src-range 192.168.101.200-192.168.101.254 -j DROP |
All times are GMT -5. The time now is 07:20 PM. |