LinuxQuestions.org


postcd 04-21-2014 05:04 AM

How to set temporary IP ban in one command
 
Hello,

I want to deny an IP 2.2.2.2 using iptables for 15 minutes.

This must be a one-line command, because I want to use it in mod_deflate in this variable:
Quote:

DOSSystemCommand "....."

Someone used:
Quote:

DOSSystemCommand "sudo /sbin/iptables -A INPUT -s %s -j DROP"

but I assume this is a permanent ban until server reboot, which is too long-term a ban I think. I need a 15-minute ban in one command?

myatthu 04-21-2014 06:04 AM

This article is great for your requirements link

Cheers

gengisdave 04-22-2014 04:08 AM

If you can't/don't want to compile code or have problems with installation of mod_evasive, another option is Fail2Ban: you can manually ban an IP for a pre-configured time (you can have more than one time, or JAILs in fail2ban docs).

postcd 04-22-2014 01:55 PM

Quote:

Originally Posted by myatthu (Post 5156428)
This article is great for your requirements link

thx, I would like to do it in one command without creating an extra bash script, what about this?

DOSSystemCommand "sudo /sbin/iptables -A INPUT -s %s -j DROP;echo \"iptables -D INPUT -s %s -j DROP\" | at now + 2 hours"

unSpawn 04-22-2014 02:57 PM

I second gengisdave's suggestion for fail2ban. Not only does it lay down all the groundwork, it can also use ipset, which is way better maintenance- and performance-wise. Also use the mangle for bit buckets. Save the filter table for stuff that matters.
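
The ipset route mentioned above, as an added example that is not part of the thread: an ipset created with a timeout expires each entry in the kernel, so a 15-minute ban is a single command with no `at` cleanup job. The set name `tempban`, the script path and the IPv4-only validation are assumptions made for this sketch.

```shell
#!/bin/sh
# tempban.sh: hypothetical helper (added example, not from the thread).
# One-time setup as root (set name "tempban" is an assumption):
#   ipset create tempban hash:ip timeout 900
#   iptables -I INPUT -m set --match-set tempban src -j DROP
# Entries expire in the kernel, so no at/cron removal job is needed.
# Hypothetical hook: DOSSystemCommand "sudo /usr/local/sbin/tempban.sh %s"

SET_NAME="${SET_NAME:-tempban}"
BAN_SECONDS="${BAN_SECONDS:-900}"   # 15 minutes

# Accept only a dotted-quad IPv4 address with every octet in 0-255,
# so nothing but an address can ever reach a command run via sudo.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address into its octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the ipset command for a ban, or fail (status 2) on bad input.
ban_command() {
    is_ipv4 "$1" || { echo "refusing invalid address: $1" >&2; return 2; }
    # -exist refreshes the timeout if the address is already in the set.
    printf 'ipset -exist add %s %s timeout %s\n' \
        "$SET_NAME" "$1" "$BAN_SECONDS"
}

# Apply the ban; with DRY_RUN=1 only print what would be executed.
ban_ip() {
    cmd=$(ban_command "$1") || return $?
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$cmd"; else $cmd; fi
}

# Act only when called with an address; sourcing just defines functions.
if [ "$#" -gt 0 ]; then ban_ip "$1"; fi
```

Running it with `DRY_RUN=1` prints the ipset command without touching the firewall; `ipset list tempban` shows the remaining seconds for each banned address.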


All times are GMT -5.