Linux - Networking
04-03-2004, 11:43 PM | #1
Member | Registered: Nov 2003 | Distribution: Slackware 9.1 | Posts: 41
Troubles blocking single IPs using IPtables
OK, I've tried a fair bit to get this to work, and I really don't understand why it doesn't.
I've got a Slackware 9.1 P120 box acting as a router/firewall, using iptables.
Basically I want to be able to block specific IP addresses. The rest of the firewall/routing functions seem to work fine, but I can't get it to block.
I have tried adding $IPTABLES -A INPUT -s IPAddress -j DROP in my firewall script, but it doesn't seem to do anything; I can still access that IP address.
The INPUT part of my iptables -L:
(the line with the star is my attempt at blocking)
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp spt:mmcc
ACCEPT udp -- anywhere anywhere udp spt:5051
ACCEPT udp -- anywhere 255.255.255.255 udp dpt:bootpc
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:4662
ACCEPT udp -- anywhere anywhere udp dpt:rfa
*DROP all -- HOSTED-BY.VIRTUALXS.COM anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- 10.0.0.0/8 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 192.168.0.0/16 anywhere
DROP all -- 169.254.0.0/16 anywhere
DROP all -- anywhere loopback/8
DROP igmp -- anywhere anywhere
DROP tcp -- anywhere anywhere tcp dpt:http
DROP tcp -- anywhere anywhere tcp dpt:https
LOG all -- anywhere anywhere LOG level warning prefix `|iptables -- '
Anyone have any ideas?
04-04-2004, 04:22 AM | #2
Senior Member | Registered: Dec 2000 | Location: Gothenburg, SWEDEN | Distribution: OpenSUSE 10.3 | Posts: 1,028
First off: when trying to connect to this site, do you connect from your Slackware box or from a client behind your firewall?
04-04-2004, 05:50 AM | #3
Member | Registered: Nov 2003 | Distribution: Slackware 9.1 | Posts: 41 | Original Poster
The client behind the router.
04-04-2004, 06:22 AM | #4
Senior Member | Registered: Dec 2000 | Location: Gothenburg, SWEDEN | Distribution: OpenSUSE 10.3 | Posts: 1,028
Then you will have to set the blocking rule in the FORWARD chain.
Forwarded packets never pass the INPUT or OUTPUT chains.
For a more detailed view, have a look at http://iptables-tutorial.frozentux.n...-tutorial.html
04-04-2004, 06:55 AM | #5
Member | Registered: Nov 2003 | Distribution: Slackware 9.1 | Posts: 41 | Original Poster
OK, I have now tried putting it in the FORWARD table as well, with no luck.
The first line in my FORWARD section is
$IPTABLES -A FORWARD -s (ip to block) -j DROP
giving a FORWARD table of:
Chain FORWARD (policy DROP)
target prot opt source destination
DROP all -- anywhere HOSTED-BY.VIRTUALXS.COM
ACCEPT all -- anywhere 192.168.0.0/24 state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere 192.168.0.199 tcp dpt:4662
ACCEPT all -- anywhere anywhere
I checked out that link too; it didn't seem to say anything about IP blocking.
Last edited by dave_blob; 04-04-2004 at 07:07 AM.
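The point made in #4, with the FORWARD listing above as its test data, as an added example (this is not the poster's firewall script or anything from the linked tutorial). It goes one step further than the thread: besides putting the DROP in both INPUT (traffic to the router itself) and FORWARD (traffic routed for LAN clients), it uses -I so the rule cannot be shadowed by an "ACCEPT all" already in the chain, and it includes a small checker that reads an `iptables -L <chain> -n` listing and reports which rule a packet from a given source hits first. Assumptions: $IPTABLES names the iptables binary (the same variable the poster's script uses), the listings are constructed in the numeric `-n` form (so "anywhere" appears as 0.0.0.0/0), and 203.0.113.5 / 192.0.2.9 are documentation addresses standing in for the site being blocked.

```shell
#!/bin/sh
# Added example for this thread; not the original poster's firewall script.
# Assumptions: $IPTABLES points at the iptables binary (same variable name the
# poster's script uses); the listings below are constructed in the form
# `iptables -L <chain> -n` prints; 203.0.113.5 and 192.0.2.9 are documentation
# addresses standing in for the site the poster wanted to block.

IPTABLES="${IPTABLES:-/usr/sbin/iptables}"

# block_ip_rules IP
# Prints the two commands that block IP as a source both for traffic to the
# router itself (INPUT) and for traffic the router forwards for LAN clients
# (FORWARD). -I inserts at the top of the chain so an "ACCEPT all" already in
# the chain cannot shadow the DROP; -A (append) gives no such guarantee.
block_ip_rules() {
    for chain in INPUT FORWARD; do
        printf '%s -I %s -s %s -j DROP\n' "$IPTABLES" "$chain" "$1"
    done
}

# first_match IP   (reads an `iptables -L <chain> -n` listing on stdin)
# Prints the target of the first terminating rule (ACCEPT/DROP/REJECT) that a
# packet from IP hits on its source alone: protocol "all", destination
# 0.0.0.0/0, and no port/state criteria (exactly five columns). Rules with
# extra criteria are skipped because whether they fire depends on the packet,
# not only on its source. Prints "none" if no rule qualifies; the chain policy
# then decides.
first_match() {
    awk -v ip="$1" '
    function ip2int(a,   o) {
        split(a, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # covers("10.0.0.0/8", "10.1.2.3") -> 1; a bare address means /32
    function covers(cidr, addr,   p, n, bits, div) {
        n = split(cidr, p, "/")
        bits = (n == 2) ? p[2] + 0 : 32
        if (bits == 0) return 1
        div = 2 ^ (32 - bits)                 # POSIX awk has no bit operators
        return int(ip2int(p[1]) / div) == int(ip2int(addr) / div)
    }
    $1 !~ /^(ACCEPT|DROP|REJECT)$/ { next }   # skips banner, header, LOG rules
    $2 != "all" || NF != 5 || $5 != "0.0.0.0/0" { next }
    covers($4, ip) { print $1; found = 1; exit }
    END { if (!found) print "none" }'
}

# Constructed listing: the thread's FORWARD chain with the DROP appended by
# -A, so it sits behind the final "ACCEPT all" and never fires.
SAMPLE_APPENDED='Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            192.168.0.0/24       state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            192.168.0.199        tcp dpt:4662
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
DROP       all  --  203.0.113.5          0.0.0.0/0'

# The same chain after block_ip_rules: the DROP inserted at the top.
SAMPLE_INSERTED='Chain FORWARD (policy DROP)
target     prot opt source               destination
DROP       all  --  203.0.113.5          0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            192.168.0.0/24       state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            192.168.0.199        tcp dpt:4662
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0'

# A chain with only conditional rules: nothing matches on source alone.
SAMPLE_CONDITIONAL='Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED'

echo "rules to load:"
block_ip_rules 203.0.113.5
echo "appended DROP, 203.0.113.5 hits: $(printf '%s\n' "$SAMPLE_APPENDED" | first_match 203.0.113.5)"
echo "inserted DROP, 203.0.113.5 hits: $(printf '%s\n' "$SAMPLE_INSERTED" | first_match 203.0.113.5)"
echo "inserted DROP, 192.0.2.9 hits:   $(printf '%s\n' "$SAMPLE_INSERTED" | first_match 192.0.2.9)"
echo "conditional only, 203.0.113.5:   $(printf '%s\n' "$SAMPLE_CONDITIONAL" | first_match 203.0.113.5)"
```

To use it against a live box, pipe the real output in: `iptables -L FORWARD -n | first_match 203.0.113.5`. The poster's own listings are printed without -n, so names such as "anywhere" appear instead of 0.0.0.0/0; the checker only understands the numeric form. It also only looks at what a rule requires of the source, which is exactly the question in this thread, and it does not model the order in which packets traverse chains or tables.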
04-04-2004, 07:07 AM | #6
Member | Registered: Nov 2003 | Distribution: Slackware 9.1 | Posts: 41 | Original Poster
Oops!
It was actually working; it's just that the site had some alternate IPs that it used instead. So I tested it on a different site, and it works a charm.
Thanks heaps, I've been tearing my hair out over this for ages.
Such a simple answer too.
Last edited by dave_blob; 04-04-2004 at 07:08 AM.