[wellylug] Blocking bad IPs from server
andrej at paradise.net.nz
Fri Jan 26 10:33:38 NZDT 2007
Quoting John Durham <johndurh at spunge.org>:
> > But this is Linux, my friend. :)
> >
> > for i in `cat list-of-bad-ips`; do iptables -A INPUT -s $i -j DROP;
> > done
> I gather there is some insight in that, but the syntax is unclear at
> best.
It's very clear to me :) All we do is take a list of IPs stored in a
file, create a loop that iterates over the list. In the body of
the loop the IPs get passed to iptables individually, and a rule
to drop traffic from that IP is inserted.
More beautified it will look like:
    for i in `cat list`;
    do
        iptables -A INPUT -s $i -j DROP;
    done
where $i is the variable from "for i in"
> Is it capable of handling a list contained in a text file?
Yes.
> Can it distinguish between good or bad access attempts?
No - hence the name of the list I was using.
> How effective is it please?
It's as effective as denying ANY traffic from the originating IP.
Cheers,
Andrej
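
Added example, not part of the original post: the loop above hands every word in the file to iptables unchecked, and `-s` also accepts hostnames, which are resolved once when the rule is added. This sketch validates each entry as an IPv4 address or CIDR block, skips comments and duplicates, and prints the rules for review instead of applying them. The function names `valid_ipv4` and `emit_drop_rules` and the sample list are constructed for illustration.

```shell
#!/bin/sh
# Added example: validate blocklist entries before they become iptables
# rules. Commands are printed, not executed, so the output can be reviewed.

# valid_ipv4 ENTRY: succeed only for dotted-quad IPv4 with optional /0-32.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) prefix=${1#*/}
             case $prefix in ''|???*|*[!0-9]*) return 1 ;; esac
             [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                 # split on dots; addr holds only digits and dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*|0?*) return 1 ;; esac   # too long, or leading zero
        [ "$octet" -le 255 ] || return 1
    done
}

# emit_drop_rules: read a list on stdin, print one rule per unique valid entry.
emit_drop_rules() {
    seen=' '
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                              # drop comments
        line=$(printf '%s' "$line" | tr -d ' \t\r')   # drop blanks and CRs
        [ -n "$line" ] || continue
        if ! valid_ipv4 "$line"; then
            printf 'skipped invalid entry: %s\n' "$line" >&2
            continue
        fi
        case $seen in *" $line "*) continue ;; esac   # already emitted
        seen="$seen$line "
        printf 'iptables -A INPUT -s %s -j DROP\n' "$line"
    done
}

# Constructed sample list using documentation address ranges.
emit_drop_rules <<'EOF'
# known offenders
192.0.2.10
198.51.100.0/24   # whole subnet
192.0.2.10
example.com
300.1.1.1
EOF
```

To use it on a real list, run `emit_drop_rules < list-of-bad-ips`, check the output, then pipe it to `sh` as root.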