LinuxQuestions.org
Old 04-25-2014, 03:49 AM   #1
boby.kumar
Member
 
Registered: Mar 2013
Posts: 94

Rep: Reputation: Disabled
Question Block an IP for a subnet by IPtables


Hi
I am looking to block an incoming IP for all the subnet in the lab area. Only a single IP should have access to this incoming IP.

Block IP=10.20.50.xx
Subnet=10.30.40.xx

Can anyone explain how to do this with Linux iptables?
 
Old 04-25-2014, 08:16 AM   #2
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
man ipcalc
man iptables

Search engine.
 
Old 04-27-2014, 11:14 PM   #3
boby.kumar
Member
 
Registered: Mar 2013
Posts: 94

Original Poster
Rep: Reputation: Disabled
It didn't help me with what I was expecting. IP calculating is different from IP blocking.

Does anyone have a comment on this?
 
Old 04-28-2014, 07:55 AM   #4
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Quote:
Originally Posted by boby.kumar View Post
It didn't help me with what I was expecting. IP calculating is different from IP blocking.

Does anyone have a comment on this?
That's funny, because it helped me set over 400 iptable bans on several of my own hosts.
Code:
ipcalc 10.20.50.00
Address:   10.20.50.0           
Netmask:   255.255.255.0 = 24   
Wildcard:  0.0.0.255            
=>
Network:   10.20.50.0/24        
HostMin:   10.20.50.1           
HostMax:   10.20.50.254         
Broadcast: 10.20.50.255         
Hosts/Net: 254                   Class A, Private Internet
Sooooooo, to block all 10.20.50.xx hosts, you would run:
Code:
for i in  10.20.50.0/24  ; do iptables -I INPUT -s $i -j DROP ; done
Unless I missed my daily dosage of caffeine, that should get you started.
 
Old 05-05-2014, 05:30 AM   #5
boby.kumar
Member
 
Registered: Mar 2013
Posts: 94

Original Poster
Rep: Reputation: Disabled
Sorry for the delayed response.
My query is different from what was answered below.
for i in 10.20.50.0/24 ; do iptables -I INPUT -s $i -j DROP ; done

My network (subnet) should be blocked from accessing the incoming rather than blocking the incomings.

Anyone have any comment now?
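
The requirement in posts #1 and #5 (keep the 10.30.40.xx lab subnet from reaching one 10.20.50.xx address, except for a single permitted host) written as a dry-run rule generator; this is an added example, not part of the original thread. It assumes the rules are loaded on the Linux box that routes between the two networks (hence the FORWARD chain), and the addresses 10.20.50.10 and 10.30.40.5 are constructed placeholders for the ones the posts elide.

```shell
#!/bin/sh
# Added example: print iptables rules that stop a subnet from reaching one
# IP while exempting a single host. Nothing is applied; rules are only echoed.

# Return 0 if $1 is a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4() {
    addr=${1%/*}
    prefix=32
    case $1 in */*) prefix=${1#*/} ;; esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into octets on "."
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# build_rules BLOCKED_IP SUBNET ALLOWED_IP [CHAIN]
# CHAIN defaults to FORWARD (assumption: this host routes between the nets).
build_rules() {
    blocked_ip=$1 subnet=$2 allowed_ip=$3 chain=${4:-FORWARD}
    for a in "$blocked_ip" "$subnet" "$allowed_ip"; do
        valid_ipv4 "$a" || { echo "invalid address: $a" >&2; return 1; }
    done
    # iptables stops at the first matching rule, so the exception for the
    # permitted host must sit above the DROP for the rest of the subnet.
    # Explicit positions 1 and 2 also keep both rules ahead of any broader
    # ACCEPT already present in the chain.
    echo "iptables -I $chain 1 -s $allowed_ip -d $blocked_ip -j ACCEPT"
    echo "iptables -I $chain 2 -s $subnet -d $blocked_ip -j DROP"
}

# Constructed sample values; replace with the real addresses.
build_rules 10.20.50.10 10.30.40.0/24 10.30.40.5
```

After reviewing the printed rules, run them as root on the routing host; `iptables -L FORWARD -n --line-numbers` shows the resulting order.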
 
  


All times are GMT -5. The time now is 10:12 AM.
