IPTABLES – Block Script

Posted: February 13, 2011 in archlinux, Debian, Slackware

root@web:~# pico /skrip/ip
root@web:~# pico /skrip/ipsub
root@web:~# pico /skrip/block

####################### PUT THIS ON /skrip/block ##################

BLOCKDB=’/skrip/ip’
IPS=$(grep -Ev “^#” $BLOCKDB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done

#BLOCK SUBNET
BLOCKSUB=’/skrip/ipsub’
IPS=$(grep -Ev “^#” $BLOCKSUB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done

####################### PUT THIS ON /skrip/block ##################

root@web:~# chmod +x /skrip/block

root@web:~#/skrip/block

*** put ip /skrip/ip

root@web:~#echo ‘123.123.123.123’ >> /skrip/ip

*** put ip range on /skrip/ipsub

root@web:~#echo ‘123.123.123.0/24’ >> /skrip/ipsub

Advertisements
Comments
  1. whois domain says:

    Well I really enjoyed studying it. This subject offered by you is very effective for accurate planning.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s