LinuxQuestions.org


guarriman 10-10-2005 10:12 AM

Iptables newbie: Avoiding connections from 130.40.23.12
 
Hi.

I want to implement an Iptables rule to avoid any connection from 130.40.23.12.
Is this correct?

iptables -A INPUT -i eth0 -p TCP -s 130.40.23.12 -j REJECT

Thank you very much.

divirg 10-10-2005 02:17 PM

If by any connection, you mean TCP packets coming in on eth0 whose final destination is your machine, then yes, that is correct.

You could remove the -i eth0 and the -p TCP to reject all packets coming in on all interfaces (i.e. ICMP or UDP on eth0 or eth1):

Code:

iptables -A INPUT -s 130.40.23.12 -j REJECT

Alternatively, if you don't want to send a rejection message back to 130.40.23.12, simply DROP the packet:

Code:

iptables -A INPUT -s 130.40.23.12 -j DROP

If you want to reject/drop all packets coming from that machine, i.e. those destined for your local machine and those that would route through it to another machine, duplicate one of the above rules, but change INPUT to FORWARD. To block outgoing connections, duplicate again, this time using OUTPUT instead of INPUT.
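
The rules discussed in this thread, collected into one script; this is an added example, not part of the original posts. It assumes an iptables build that supports `-C`, inserts with `-I` so the block is evaluated before any earlier ACCEPT rule (a rule appended with `-A` is only reached if nothing above it matches first), and matches outbound traffic by destination (`-d`). The names `block_host`, `ensure_rule`, `is_ipv4` and `IPT` are invented for this example.

```shell
#!/bin/sh
# Added example: block one IPv4 host in INPUT, FORWARD and OUTPUT, idempotently.
# IPT lets a caller substitute another binary or a dry-run wrapper (assumption).
IPT="${IPT:-iptables}"

# Return 0 only for a dotted-quad IPv4 address with each octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Insert a rule at the top of a chain unless an identical rule already exists.
# -C checks for the rule; -I CHAIN 1 places it ahead of earlier ACCEPT rules.
ensure_rule() {
    chain=$1; shift
    $IPT -C "$chain" "$@" 2>/dev/null || $IPT -I "$chain" 1 "$@"
}

# block_host ADDRESS [TARGET]   TARGET is DROP (default) or REJECT.
block_host() {
    addr=$1; target=${2:-DROP}
    is_ipv4 "$addr" || { echo "invalid IPv4 address: $addr" >&2; return 2; }
    case "$target" in
        DROP|REJECT) ;;
        *) echo "bad target: $target" >&2; return 2 ;;
    esac
    # Inbound and routed traffic is matched by source, outbound by destination.
    ensure_rule INPUT   -s "$addr" -j "$target" &&
    ensure_rule FORWARD -s "$addr" -j "$target" &&
    ensure_rule OUTPUT  -d "$addr" -j "$target"
}

# Usage (as root): block_host 130.40.23.12 REJECT
```

Running it a second time adds nothing, because `-C` finds the existing rules; `iptables -L -n --line-numbers` shows where each rule sits in its chain.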


All times are GMT -5.