[wellylug] Blocking bad IPs from server
Cliff Pratt
enkidu at cliffp.com
Sat Jan 27 11:11:01 NZDT 2007
John Durham wrote:
> Andrej wrote:
>> On Saturday 27 January 2007 08:30, John Durham wrote:
>>
>>
>>>> for i in `cat list-of-bad-ips`; do iptables -A INPUT -s $i -j DROP; done
>>>>
>>> Could anything associated with this have turned off port 80?
>>>
>> Nope. It will block any traffic from that IP. The problem may
>> be with your list.
> I checked the list, but the server IP is NOT present, so maybe the list
> can be discounted in this case. Note: Port 80 appears to be open.
>
If you have access to the command line on your server you can issue the
command:
netstat -tapn | grep LISTEN
Your IP should be in there. If it is not, the server is not listening on
that port. But it was before, wasn't it?
If you made the changes suggested using the 'for' command you can
reverse this by restarting your firewall, which I seem to remember is
Shorewall?
/etc/init.d/shorewall stop
/etc/init.d/shorewall start
If the web server then works you can blame the blocking list.
Cheers,
Cliff
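
A more defensive form of the 'for' loop quoted above, as an added example that is not part of the original thread: it validates each list entry, skips the server's own address, and only prints the iptables commands so they can be reviewed before being piped to a root shell. Assumptions: the chain name BADIPS, the MIN_PREFIX limit, and the sample list and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: print (not run) iptables commands for a list of bad IPs.
# BADIPS is a hypothetical chain name; MIN_PREFIX is an assumed safety limit.
MIN_PREFIX=8

# Succeed if $1 is dotted-quad IPv4, optionally with a /MIN_PREFIX../32 mask.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in */*) mask=${1#*/} ;; *) mask=32 ;; esac
    case $mask in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$mask" -ge "$MIN_PREFIX" ] && [ "$mask" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_block_rules LISTFILE OWN_IP: rules go to stdout, skipped lines to stderr.
gen_block_rules() {
    echo "iptables -N BADIPS 2>/dev/null || iptables -F BADIPS"
    while IFS= read -r line || [ -n "$line" ]; do
        # Drop trailing comments and whitespace (including stray CRs).
        entry=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$entry" ] || continue
        if ! valid_ipv4 "$entry"; then
            echo "skipped (invalid or too broad): $entry" >&2
        elif [ "${entry%%/*}" = "$2" ]; then
            echo "skipped (server's own address): $entry" >&2
        else
            echo "iptables -A BADIPS -s $entry -j DROP"
        fi
    done < "$1"
    # Hook the chain into INPUT only once.
    echo "iptables -C INPUT -j BADIPS 2>/dev/null || iptables -I INPUT -j BADIPS"
}

# Constructed sample list (documentation address ranges), for a dry run.
demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' '# constructed sample' '192.0.2.10' '198.51.100.0/24' \
        '203.0.113.5   # scanner' 'badhost.example' '0.0.0.0/0' \
        '192.0.2.999' '192.0.2.1' > "$tmp"
    gen_block_rules "$tmp" 192.0.2.1
    rm -f "$tmp"
}
```

Because every rule lives in its own chain, the block list can be removed on its own by deleting the jump from INPUT and then flushing and deleting the chain (iptables -D, -F, -X), which separates "is it the list?" from the rest of the firewall configuration.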