LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Block an IP for a subnet by IPtables (https://www.linuxquestions.org/questions/linux-security-4/block-an-ip-for-a-subnet-by-iptables-4175502933/)

boby.kumar 04-25-2014 03:49 AM
Block an IP for a subnet by IPtables
 
Hi
I am looking to block an incomming IP for all the subnet in lab area. only single Ip should be access to this incomming IP.

Block IP=10.20.50.xx
Subnet=10.30.40.xx

can anyone explain how to do this by linux Iptables?

Habitual 04-25-2014 08:16 AM
man ipcalc
man iptables

Search engine.

boby.kumar 04-27-2014 11:14 PM
Its didn't help me what i was expecting. Ip calculating is different from Ip blocking.

Anyone has the comment on this?

Habitual 04-28-2014 07:55 AM
Quote:
Originally Posted by boby.kumar (Post 5160324)
Its didn't help me what i was expecting. Ip calculating is different from Ip blocking.

Anyone has the comment on this?
That's funny, because it helped me set over 400 iptable bans on several of my own hosts.
Code:
ipcalc 10.20.50.00
Address:  10.20.50.0         
Netmask:  255.255.255.0 = 24 
Wildcard:  0.0.0.255           
=>
Network:  10.20.50.0/24       
HostMin:  10.20.50.1         
HostMax:  10.20.50.254       
Broadcast: 10.20.50.255       
Hosts/Net: 254                  Class A, Private Internet
Sooooooo, to block all 10.20.50.xx hosts, you would run:
Code:
for i in  10.20.50.0/24  ; do iptables -I INPUT -s $i -j DROP ; done
Unless I missed my daily dosage of caffeine, that should get you started.

boby.kumar 05-05-2014 05:30 AM
Sorry for delayed responses.
My query is different rather below answered.
for i in 10.20.50.0/24 ; do iptables -I INPUT -s $i -j DROP ; done

My network(subnet) should be blocked to accessing the incomming rather than blocking the incommings.

AnYone have any comment now?


All times are GMT -5. The time now is 08:58 PM.