LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-18-2006, 10:25 AM   #1
caps_phisto
Member
 
Registered: Sep 2004
Location: NH
Distribution: FC6, FC1-4, RH9, Gentoo 2006.0/1, Slackware 10.1/2,11, Vector SOHO 5.0.1
Posts: 237

Rep: Reputation: 30
Blocking IP ranges to the Internet


Here is my scenario:

I have setup DHCP on a network with set ranges for valid IPs I want passed out. The range is 192.168.101.75-200

I have noticed that there are certain people on this network (the network is for Internet access) that have statically given themselves IP addresses outside my predefined ranges.

I would like to block them via IPTables so that they cannot get anywhere with their addresses.

Would the following command via IPTables work:
Code:
 iptables -A INPUT -s 192.168.101/26 -j DROP
I think that line would drop any packets coming in from 192.168.101.[192-255] to be dropped? Am I correct in assuming that?

Also what would be the rule to drop traffic from IPs below 75 (except my gateway which is on 192.168.101.1)?

Thanks in advance
 
Old 09-18-2006, 11:19 AM   #2
caps_phisto
Member
 
Registered: Sep 2004
Location: NH
Distribution: FC6, FC1-4, RH9, Gentoo 2006.0/1, Slackware 10.1/2,11, Vector SOHO 5.0.1
Posts: 237

Original Poster
Rep: Reputation: 30
Found the answer here is the correct IPTables syntax:

Code:
iptables -A INPUT -m iprange --src-range 192.168.101.200-192.168.101.254 -j DROP
That would drop access from 192.168.1.200-255.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
blocking specific websites, but allowing internet access poiuytrewq Linux - General 6 09-01-2006 12:45 AM
firewall blocking internet k4zau Linux - Networking 1 09-24-2004 03:18 PM
Blocking IP Address ranges in dhcpd.conf pmcdaid Linux - Networking 4 06-09-2004 10:18 AM
Blocking Iptables Ranges SuperSadSmile Linux - Security 6 02-09-2004 03:57 AM
Blocking an account from accessing the internet. magnum818 Linux - Security 2 12-03-2003 02:50 AM


All times are GMT -5. The time now is 12:48 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration