it just won't work...
I want to block an IP address from accessing my webserver via WAN, since he's been refreshing a single page over 600 times a day the last 5 days
I tried the following things:
Code:
iptables -D INPUT -s 1.1.1.1 -j DROP
and
Code:
iptables -A INPUT -s 1.1.1.1 -j DROP
these are from some Google results, but that French guy is still refreshing!
don't really have another clue how to ban him off, since I opened up port 80... so making an exception?
full post firewall now:
Code:
#!/bin/sh
iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# rtorrent
iptables -I INPUT 1 -p tcp -i "$1" --syn --dport 51777:51780 -j ACCEPT
iptables -I INPUT 1 -p udp -i "$1" --dport 6881 -j ACCEPT
# block bad IP addresses
iptables -D INPUT -s 91.121.111.28 -j DROP
iptables -A INPUT -j DROP
can someone help me out?
Try
Code:
iptables -I INPUT -s 1.1.1.1 -j DROP
still a negative result
I put it in a TXT file, so the layout won't be lost
but this is pretty random...
I just noticed this guy has like... 6 IP addresses
and no, I don't think it's nice to post up someone's IP
this time one of his is in the list too
I'm gonna list everything now, try if it works
just a question...
if I have like a host with subdomains, and I ban the standard host... will it also do all the subdomains?
cos he has a big range, and far over 6 IPs
yeh... I fixed it, 21 IPs in total
hopefully they don't change over time
Good to know you are controlling the situation.
iptables does not understand domains or subdomains. iptables understands IPs and IP ranges. So even in the case you specify something like:
iptables -I INPUT -s kpn.com -j DROP
iptables will resolve kpn.com into 145.7.192.133 and add it to the INPUT chain.
It could be that your undesired user gets a dynamic IP address from the ISP. In that case you have found a short-term solution. I would recommend working on limiting the burst of connections to the web server.
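Added example, not part of any post in this thread: a small generator that prints a ruleset with the ban rules ahead of the port 80 ACCEPT (iptables stops at the first matching rule, which is why a DROP appended after that ACCEPT never fires) followed by a per-source limit on new connections, as recommended above. The ban-list format, the sample addresses and the hashlimit thresholds are assumptions to adapt.

```shell
#!/bin/sh
# Added example: prints iptables commands in evaluation order; runs nothing.

# True only for a dotted IPv4 address with an optional /0-32 prefix. Hostnames
# are rejected: iptables resolves a name once, when the rule is added.
is_ipv4_cidr() {
    o='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
    printf '%s\n' "$1" | grep -Eq "^$o(\.$o){3}(/(3[0-2]|[12]?[0-9]))?\$"
}

# Reads a ban list on stdin (one address or CIDR per line, '#' for comments).
gen_rules() {
    echo "iptables -F INPUT"
    # 1. Bans go first: the first matching rule decides the packet's fate.
    while IFS= read -r ip || [ -n "$ip" ]; do
        case "$ip" in ''|'#'*) continue ;; esac
        if is_ipv4_cidr "$ip"; then
            echo "iptables -A INPUT -s $ip -j DROP"
        else
            echo "skipped, not an IPv4 address or CIDR: $ip" >&2
        fi
    done
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # 2. Per-source limit on new connections to port 80 (thresholds assumed).
    echo "iptables -A INPUT -p tcp --dport 80 --syn -m hashlimit" \
         "--hashlimit-name http --hashlimit-mode srcip" \
         "--hashlimit-above 30/minute --hashlimit-burst 20 -j DROP"
    # 3. Everyone else may reach the web server.
    echo "iptables -A INPUT -p tcp --dport 80 -j ACCEPT"
    # 4. Other ACCEPT rules (SSH, rtorrent) belong here, before the final DROP.
    echo "iptables -A INPUT -j DROP"
}

# Constructed sample ban list (documentation addresses, not from the thread).
gen_rules <<'EOF'
203.0.113.7
198.51.100.0/24
bad.example
EOF
```

Review the printed commands before running them as root; the hashlimit match needs the xt_hashlimit kernel module.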
Hi,
could you refer me to some working examples of dynamic interactive firewalls
based on iptables, monitoring traffic on known ports and limiting traffic bursts,
appending suspected intruders to banned IP / banned MAC files.
Any such system should show a self-learning feature.
I would like to learn how to control each incoming packet
by setting source IP, source MAC, time zone, list of privileged users and more.
And to have a web interface to control users, used protocols, set time zones, user number limit and more.
I hope there are a number of intelligent solutions of this type already on the market.
Darius