Troubles blocking single IPs using IPtables
OK, I've tried a fair bit to get this to work, and I really don't understand why it doesn't.
I've got a Slackware 9.1 p120 box acting as a router/firewall, using iptables. Basically I want to be able to block specific IP addresses. The rest of the firewall/routing functions seem to work fine, but I can't get it to block. I have tried adding

$IPTABLES -A INPUT -s IPAddress -j DROP

in my firewall script, but it doesn't seem to do anything; I can still access that IP address. The INPUT part of my iptables -L (the line with the star is my attempt at blocking):

Chain INPUT (policy DROP)
target     prot opt source                   destination
ACCEPT     udp  --  anywhere                 anywhere             udp spt:mmcc
ACCEPT     udp  --  anywhere                 anywhere             udp spt:5051
ACCEPT     udp  --  anywhere                 255.255.255.255      udp dpt:bootpc
ACCEPT     tcp  --  anywhere                 anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere                 anywhere             tcp dpt:4662
ACCEPT     udp  --  anywhere                 anywhere             udp dpt:rfa
*DROP      all  --  HOSTED-BY.VIRTUALXS.COM  anywhere
ACCEPT     all  --  anywhere                 anywhere
ACCEPT     all  --  anywhere                 anywhere
ACCEPT     all  --  anywhere                 anywhere             state RELATED,ESTABLISHED
DROP       all  --  10.0.0.0/8               anywhere
DROP       all  --  172.16.0.0/12            anywhere
DROP       all  --  192.168.0.0/16           anywhere
DROP       all  --  169.254.0.0/16           anywhere
DROP       all  --  anywhere                 loopback/8
DROP       igmp --  anywhere                 anywhere
DROP       tcp  --  anywhere                 anywhere             tcp dpt:http
DROP       tcp  --  anywhere                 anywhere             tcp dpt:https
LOG        all  --  anywhere                 anywhere             LOG level warning prefix `|iptables -- '

Anyone have any ideas?
First off: when trying to connect to this site, do you connect from your Slackware box or from a client behind your firewall?

The client behind the router.
Then you will have to set the blocking rule in the FORWARD chain.
Packets forwarded never pass the INPUT or OUTPUT chains. For a more detailed view have a look at http://iptables-tutorial.frozentux.n...-tutorial.html
OK, I have now tried putting it in the FORWARD chain also, with no luck.
The first line in my FORWARD section is

$IPTABLES -A FORWARD -s (ip to block) -j DROP

giving a FORWARD table of:

Chain FORWARD (policy DROP)
target     prot opt source               destination
DROP       all  --  anywhere             HOSTED-BY.VIRTUALXS.COM
ACCEPT     all  --  anywhere             192.168.0.0/24       state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             192.168.0.199        tcp dpt:4662
ACCEPT     all  --  anywhere             anywhere

I checked out that link too; it didn't seem to say anything about IP blocking.
Ooops!
It was actually working; it's just that the site had some alternate IPs that it used instead. So I tested it on a different site, and it works a charm. Thanks heaps, I've been tearing my hair out over this for ages. Such a simple answer too.
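The two lessons of this thread (traffic routed for LAN clients only traverses FORWARD, and a site may answer from several addresses) as an added shell example that is not part of the thread. It only prints the iptables commands so they can be reviewed before being run as root; the IPTABLES variable name, the gen_block_rules and resolve_all helpers and the 203.0.113.x sample addresses are assumptions for the example.

```shell
#!/bin/sh
# Added example: emit iptables DROP rules for a remote host, choosing the
# chain from where the traffic originates. Nothing is applied; pipe the
# output to sh as root once it looks right.
IPTABLES="${IPTABLES:-iptables}"   # assumed variable, as in the thread's script

# gen_block_rules <local|forwarded> "<ip> <ip> ..."
# local:     the firewall box itself talks to the host, so the host's
#            packets hit INPUT (source = host) and ours hit OUTPUT (dest = host).
# forwarded: LAN clients talk through the router, so both directions
#            traverse FORWARD and never touch INPUT/OUTPUT.
# -I inserts at the top of the chain so the DROP sits above any broad
# "ACCEPT all -- anywhere anywhere" rule, which an appended (-A) rule
# would otherwise never be reached past.
gen_block_rules() {
    kind="$1"
    for ip in $2; do
        case "$kind" in
            local)
                echo "$IPTABLES -I INPUT  -s $ip -j DROP"
                echo "$IPTABLES -I OUTPUT -d $ip -j DROP" ;;
            forwarded)
                echo "$IPTABLES -I FORWARD -s $ip -j DROP"
                echo "$IPTABLES -I FORWARD -d $ip -j DROP" ;;
            *)
                echo "unknown traffic kind: $kind" >&2
                return 1 ;;
        esac
    done
}

# resolve_all <hostname>: every IPv4 address the name currently resolves
# to, one per line. A site that answers from alternate addresses (the
# "Ooops" in the thread) needs a rule per address. Needs DNS, so the
# offline demo below uses constructed addresses instead.
resolve_all() {
    getent ahostsv4 "$1" | awk '{ print $1 }' | sort -u
}

# Constructed sample: two addresses standing in for a multi-homed site.
SAMPLE_IPS="203.0.113.10 203.0.113.11"
gen_block_rules forwarded "$SAMPLE_IPS"
```

To block a real host for LAN clients, replace the sample list with `$(resolve_all example.net)` and re-run the script whenever the site's addresses change.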