Tags » Iptables

iptables rules for dynamic ip

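Delete the current rule if it exists

# List the INPUT rules with line numbers, select the ones matching the hostname,
# and delete them from the highest number down so earlier deletions do not shift later ones
iptables -nvL INPUT --line-number | grep 'yourDomainHere.ddns.net' | awk '{ print $1 }' | sort -rn | xargs -I% iptables -D INPUT %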
Shell Script

install geoip iptables module centos 7

1 – Install packages

yum install gcc gcc-c++ make automake unzip zip xz kernel-devel-$(uname -r) wget iptables-devel perl-Text-CSV_XS

2 – Download and decompress xtables-addons…

Iptables

Stateful vs Stateless firewalls: Which one to use when?

Firewalls provide traffic filtering and protect the trusted environment from the untrusted one. A firewall can be stateful or stateless.

A stateful firewall is capable of tracking connection states, so it is better equipped to allow or deny traffic based on that knowledge.

Networking

Regular GeoIP Lookups

Following on from my last blog, I’m planning on doing a larger look at the network threats my server gets. For background, the server I run doesn’t do a lot – a small personal website, my email, and I’m the only user.

Tech

exception rule in iptables

Create an exception rule in iptables using the negation character (!)

iptables -A INPUT ! -s 192.168.0.0/24 -j DROP
Iptables

block countries with iptables

#!/bin/bash
# block countries with iptables based on a list of IP ranges

# download the list of IP ranges per country (remove any previous copy first)
rm -rf /tmp/all-zones*; wget -nc http://www.ipdeny.com/ipblocks/data/countries/all-zones.tar.gz -P /tmp

mkdir /tmp/all-zones; tar -xzvf /tmp/all-zones.tar.gz -C /tmp/all-zones

# lowercase ISO country codes to block; each has a matching <code>.zone file
COUNTRIES_ISO_CODE_LIST=(af cu mo)

for country_iso_code in "${COUNTRIES_ISO_CODE_LIST[@]}"; do

  # each .zone file holds one IP range per line
  for country_ip in $( cat "/tmp/all-zones/$country_iso_code.zone" ); do
    echo "creating rules to $country_iso_code $country_ip"
    # the rule comment carries the upper-cased country code so the rules can be found later
    /sbin/iptables -A INPUT -s "$country_ip" -m comment --comment "rule to $( echo "$country_iso_code" | tr '[:lower:]' '[:upper:]' ) country" -j DROP
  done
done
Shell Script

Filter the IPs in the 5th column of the log and block them

cut -d' ' -f5 /var/log/ips.log | sort | uniq | xargs -I% iptables -A INPUT -s % -m comment --comment "block IP that attack site" -j DROP
Iptables