Difference between revisions of "How to block someone's IP"

From Kolmisoft Wiki
Jump to navigationJump to search
Line 22: Line 22:
   iptables -A INPUT -s friendlyip. -j ACCEPT
   iptables -A INPUT -s friendlyip. -j ACCEPT
   iptables -A INPUT -s another.friendly.ip -j ACCEPT
   iptables -A INPUT -s another.friendly.ip -j ACCEPT
  iptables -A INPUT -s 127.0.0.1 -j ACCEPT # yes, accept connections from localhost.


And the most end enter:
And the most end enter:

Revision as of 23:17, 16 July 2009

To block incoming IP, use this command: 

   iptables -A INPUT -s IP -j DROP

For example: 

   iptables -A INPUT -s 123.123.123.123 -j DROP

To save the rules, run:

On Centos) 

  /etc/init.d/iptables save

On Debian)

Please read this link http://www.debian-administration.org/articles/445


Question: I want allow only specified IPs to my server and dissallow any other connections, how I could do that?

First of all enter all friendly ips: 

 iptables -A INPUT -s friendlyip. -j ACCEPT
 iptables -A INPUT -s another.friendly.ip -j ACCEPT
 iptables -A INPUT -s 127.0.0.1 -j ACCEPT # yes, accept connections from localhost.

And the most end enter: 

 iptables -A INPUT -s 0/0 -j DROP

Thats it.

If in future you will want to add some more ips, just first reject rule with DROP, and some friendly ip and then apply DROP rule again.

Very important: Don't forget to add ISP/router to your friendly ip address list!!!

Retrieved from "https://wiki.kolmisoft.com/index.php?title=How_to_block_someone%27s_IP&oldid=4254"