Quote:
Originally Posted by Almaz
If there are other better methods please let me know
I have found this link to be a valuable resource to iptables:
https://www.frozentux.net/documents/iptables-tutorial/
As with all low-level programs like this, there are multiple solutions to a problem. So I wouldn't say there's a better method than yours (you wanted to block an IP address and you blocked it - case solved).
However, do you want to be more specific? Should the source ip you blocked want to access its.. webserver it would also be blocked.
So perhaps this will limit only what you want to limit. However, note that any other IPs can still connect should your policy be set to accept. (If it's set to drop, then both this and yours are irrelevant.)
Code:
iptables -A FORWARD -p tcp -s xxx.xxxx.xxx --dport 22 -j REJECT
REJECT just means it says something along the lines of "Connection Refused". If you want to be stealthy, change to drop.
--dport means destination port, -p refers to a specific protocol.
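The difference between a source-only block and the port-specific rule above, and how the chain policy interacts with both, can be seen in a small first-match model of a chain. This is an added example, not part of the original post: the addresses are constructed documentation-range values, the source-only rule is assumed to use DROP, and the model only covers the `-s`, `-p` and `--dport` matches discussed here.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    target: str                    # "ACCEPT", "DROP" or "REJECT"
    source: Optional[str] = None   # -s (None matches any source)
    proto: Optional[str] = None    # -p
    dport: Optional[int] = None    # --dport

    def matches(self, src, proto, dport):
        if self.source and ipaddress.ip_address(src) not in ipaddress.ip_network(self.source):
            return False
        if self.proto and self.proto != proto:
            return False
        if self.dport is not None and self.dport != dport:
            return False
        return True

def verdict(rules, policy, src, proto, dport):
    """First matching rule wins; the chain policy applies when nothing matches."""
    for rule in rules:
        if rule.matches(src, proto, dport):
            return rule.target
    return policy

BLOCKED = "203.0.113.7"    # constructed address standing in for the blocked source
OTHER = "198.51.100.20"    # constructed address for any other host

# Assumed form of a source-only block: everything from BLOCKED is dropped.
source_only = [Rule("DROP", source=BLOCKED)]
# The rule from the post: only TCP port 22 from BLOCKED is rejected.
ssh_only = [Rule("REJECT", source=BLOCKED, proto="tcp", dport=22)]

def table(rules, policy):
    """Verdicts for: BLOCKED->22, BLOCKED->80, OTHER->22."""
    packets = [(BLOCKED, "tcp", 22), (BLOCKED, "tcp", 80), (OTHER, "tcp", 22)]
    return [verdict(rules, policy, *p) for p in packets]

if __name__ == "__main__":
    for name, rules in (("source-only", source_only), ("ssh-only", ssh_only)):
        for policy in ("ACCEPT", "DROP"):
            print(f"{name:12} policy={policy:6} {table(rules, policy)}")
```

With an ACCEPT policy the port-specific rule leaves the blocked source's port 80 traffic alone, and with a DROP policy nothing gets through in either case, so the only remaining difference is whether the port 22 attempt gets a refusal or silence.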