Tags » Iptables

Regular GeoIP Lookups

Following on from my last blog, I’m planning on doing a larger look at the network threats my server gets. For background, the server I run doesn’t do a lot – a small personal website, my email, and I’m the only user.


exception rule in iptables

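Create an exception rule in iptables using the negation character (!). The rule below drops all traffic except packets from the given source; <source-ip> is a placeholder for the address that the excerpt omits.

iptables -A INPUT ! -s <source-ip> -j DROP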

block countries with iptables

# block countries with iptables based on list with range of ips

# download list with range of countries ips
rm -rf /tmp/all-zones*; wget -nc http://www.ipdeny.com/ipblocks/data/countries/all-zones.tar.gz -P /tmp

mkdir /tmp/all-zones; tar -xzvf /tmp/all-zones.tar.gz -C $_


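# COUNTRIES_ISO_CODE_LIST is not defined in this excerpt; it must be an array of
# country codes matching the .zone file names (lowercase, as the tr call below implies)
for country_iso_code in "${COUNTRIES_ISO_CODE_LIST[@]}"; do

  # one DROP rule per address range listed in the country's zone file
  for country_ip in $( cat "/tmp/all-zones/$country_iso_code.zone" ); do
    echo "creating rules to $country_iso_code $country_ip"
    /sbin/iptables -A INPUT -s "$country_ip" -m comment --comment "rule to $( echo "$country_iso_code" | tr '[:lower:]' '[:upper:]' ) country" -j DROP
  done
done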

Filter the IPs in the 5th column of the log and block them

cut -d' ' -f5 /var/log/ips.log | sort | uniq | xargs -I% iptables -A INPUT -s % -m comment --comment "block IP that attack site" -j DROP

Iptables configuration in Linux detail tutorial Part-1

This is my first tutorial on Firewall configuration in Linux using IPTABLES. In this tutorial we will learn how to use and configure iptables to secure any server or any network. We will learn to secure server and network infrastructure.


iptables: delete specific rule

You can list the existing iptables rules along with their line numbers with:

iptables -L --line-numbers

The output will be as follows:

Chain INPUT (policy ACCEPT)
num  target         prot  opt  source    destination
1    KUBE-SERVICES  all   --   anywhere  anywhere     /* kubernetes service portals */
2    KUBE-FIREWALL  all   --   anywhere  anywhere
3    ACCEPT         udp   --   anywhere  anywhere     udp dpt:domain
4    ACCEPT         tcp   --   anywhere  anywhere     tcp dpt:domain
5    ACCEPT         udp   --   anywhere  anywhere     udp dpt:bootps
6    ACCEPT         tcp   --   anywhere  anywhere     tcp dpt:bootps


Running a custom startup script in CentOS / RHEL 7

Hi All,

During my work at Adroitlogic, in one of my tasks I had to start & configure a set of EC2 machines which included our B2B AS2 integration solution…