[wellylug] Blocking bad IPs from server

andrej at paradise.net.nz andrej at paradise.net.nz
Fri Jan 26 10:33:38 NZDT 2007


Quoting John Durham <johndurh at spunge.org>:

> > But this is Linux, my friend. :)
> >
> > for i in `cat list-of-bad-ips`; do iptables -A INPUT -s $i -j DROP;
> > done
> I gather there is some insight in that, but the syntax is unclear at 
> best.
It's very clear to me :) All we do is take a list of IPs stored in a
file, create a loop that iterates over the list.  In the body of
the loop the IPs get passed to iptables individually, and a rule
to drop traffic from that IP is inserted.
More beautified it will look like:
for i in `cat list`;
  do
    iptables -A INPUT -s $i -j DROP;
  done
where $i is the variable from "for i in"


> Is it capable of handling a list contained in a text file?
Yes.

> Can it distinguish between good or bad access attempts?
No - hence the name of the list I was using.

> How effective is it please?
It's as effective as denying ANY traffic from the originating IP.


Cheers,
Andrej
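The one-liner above works, but it will feed anything in the file, including blank lines, comments and typos, straight to iptables, and it appends the rules to INPUT with no way to reload the list later without flushing everything else. The script below is an added example written for this page, not code from Andrej's post or from the wellylug list: it reads the same kind of one-IP-per-line file, skips blank lines and `#` comments, rejects entries that are not a valid IPv4 address or CIDR, and puts the DROP rules in a dedicated chain (the name `BLOCKLIST` and the sample file contents are assumptions) that is jumped to from INPUT once. It prints the iptables commands instead of running them, so it can be tried as an ordinary user; the sample list uses documentation address ranges and is constructed for the example.

```shell
#!/bin/sh
# Added example (not from the list post): a safer version of the one-line loop.
# Reads one IPv4 address or CIDR per line, ignores blank lines and '#' comments,
# validates each entry, and emits DROP rules into a dedicated chain so the list
# can be reloaded without flushing the rest of INPUT. Commands are printed rather
# than executed; pipe the output into "sh" as root to apply them.

# is_valid_ipv4 ENTRY  -> exit 0 if ENTRY is a dotted quad with an optional /0-32 prefix
is_valid_ipv4() {
    entry=$1
    ip=${entry%%/*}
    prefix=${entry#*/}
    [ "$prefix" = "$entry" ] && prefix=32       # no "/" present: a single host
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $ip in ''|*[!0-9.]*) return 1 ;; esac  # digits and dots only (also keeps globs away from "set")
    old_ifs=$IFS; IFS=.
    set -- $ip                                  # split on dots; empty octets stay empty and fail below
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# blocklist_rules FILE [CHAIN]  -> prints the iptables commands, one per line;
# invalid entries are reported on stderr and skipped instead of being passed to iptables
blocklist_rules() {
    file=$1
    chain=${2:-BLOCKLIST}                       # assumed chain name
    echo "iptables -N $chain 2>/dev/null || true"   # create the chain if it does not exist yet
    echo "iptables -F $chain"                       # start from an empty chain on every reload
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                        # drop trailing comments
        line=$(printf '%s' "$line" | tr -d '[:space:]')
        [ -n "$line" ] || continue
        if is_valid_ipv4 "$line"; then
            echo "iptables -A $chain -s $line -j DROP"
        else
            echo "skipping invalid entry: $line" >&2
        fi
    done < "$file"
    # hook the chain into INPUT exactly once (-C checks whether the jump already exists)
    echo "iptables -C INPUT -j $chain 2>/dev/null || iptables -I INPUT -j $chain"
}

# write_sample_list FILE  -> constructed sample input (documentation ranges, not real offenders)
write_sample_list() {
    printf '%s\n' \
        '# one address or network per line' \
        '203.0.113.7' \
        '198.51.100.0/24   # trailing comment' \
        '' \
        '999.1.1.1' \
        '2001:db8::1' \
        '192.0.2.9' > "$1"
}

# Stand-alone run: build the sample list and show the commands that would be applied
sample=$(mktemp)
write_sample_list "$sample"
blocklist_rules "$sample" BADIPS
rm -f "$sample"
```

Run as-is it prints the rules for the constructed list (three valid entries, two rejected on stderr); to apply a real list, run `blocklist_rules list-of-bad-ips | sh` as root. Keeping the rules in their own chain means reloading the file just flushes that chain, and the `-C` check stops a second jump from being inserted into INPUT each time the script is run.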