Sunday, October 31, 2010

How to block certain inbound IP addresses

Create a file /etc/iptables/blockip.sh:

#!/bin/bash
# Simple iptables IP/subnet block script
# -------------------------------------------------------------------------
IPT=$(which iptables)
SPAMLIST="spamlist"
SPAMDROPMSG="SPAM LIST DROP"
# read the block list, skipping comment lines and blank lines
BADIPS=$(egrep -v -e "^#|^$" /etc/iptables/blocked.ips)

# create a new iptables chain; if it already exists (script re-run),
# flush it instead so the rules are not duplicated
$IPT -N $SPAMLIST 2>/dev/null || $IPT -F $SPAMLIST

# one LOG rule and one DROP rule per address or subnet
for ipblock in $BADIPS
do
   $IPT -A $SPAMLIST -s $ipblock -j LOG --log-prefix "$SPAMDROPMSG"
   $IPT -A $SPAMLIST -s $ipblock -j DROP
done

# jump into the chain from the built-in chains, unless the jump is already there
for chain in INPUT OUTPUT FORWARD
do
   $IPT -C $chain -j $SPAMLIST 2>/dev/null || $IPT -I $chain -j $SPAMLIST
done

Create a file /etc/iptables/blocked.ips:

put IP addresses here! (one per line)


Edit the file /etc/boot.local and add this line so the script runs at boot:

/etc/iptables/blockip.sh
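The boot script above passes every non-comment line of blocked.ips straight to iptables, so a typo in the list (a bad octet, a /33 prefix, a stray word) makes that iptables call fail and the rest of the list is still applied without it, silently. The following is an added example, not code from the original post: it parses a list in the same format, validates each entry as an IPv4 address or CIDR block before it reaches iptables, and prints the resulting rules as a dry run so they can be reviewed. The function names, the chain name and the sample list contents (documentation ranges) are my own constructions.

```shell
#!/bin/sh
# Added example (not from the original post): validate a blocked.ips style
# list and render the iptables rules without applying them. Needs no root.

# valid_ipv4_cidr ENTRY: succeed if ENTRY is a dotted-quad IPv4 address,
# optionally followed by /PREFIX with 0 <= PREFIX <= 32.
valid_ipv4_cidr() {
    addr=${1%/*}
    if [ "$addr" != "$1" ]; then
        prefix=${1#*/}
        case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
        [ "$prefix" -le 32 ] || return 1
    fi
    old_ifs=$IFS
    set -f                     # no pathname expansion while splitting
    IFS=.
    set -- $addr
    IFS=$old_ifs
    set +f
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# parse_blocklist FILE: print the valid entries one per line. Comments
# (from '#' to end of line), whitespace and blank lines are dropped;
# malformed entries are reported on stderr and skipped.
parse_blocklist() {
    sed -e 's/#.*//' -e 's/[[:space:]]//g' "$1" | while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        if valid_ipv4_cidr "$entry"; then
            printf '%s\n' "$entry"
        else
            printf 'blocklist: rejecting malformed entry "%s"\n' "$entry" >&2
        fi
    done
}

# render_rules CHAIN FILE: print the iptables commands the boot script
# would run for this list, for review (dry run). Hooks only INPUT and
# FORWARD: a '-s' match on OUTPUT never fires, because outbound packets
# carry the host's own source address.
render_rules() {
    chain=$1
    printf 'iptables -N %s 2>/dev/null || iptables -F %s\n' "$chain" "$chain"
    parse_blocklist "$2" 2>/dev/null | while IFS= read -r ip; do
        printf 'iptables -A %s -s %s -j LOG --log-prefix "BLOCKLIST DROP "\n' "$chain" "$ip"
        printf 'iptables -A %s -s %s -j DROP\n' "$chain" "$ip"
    done
    printf 'iptables -C INPUT -j %s 2>/dev/null || iptables -I INPUT -j %s\n' "$chain" "$chain"
    printf 'iptables -C FORWARD -j %s 2>/dev/null || iptables -I FORWARD -j %s\n' "$chain" "$chain"
}

# write_sample_blocklist PATH: constructed sample data in the blocked.ips
# format, using RFC 5737 documentation ranges plus three deliberate mistakes.
write_sample_blocklist() {
    cat > "$1" <<'EOF'
# constructed sample list
192.0.2.10
198.51.100.0/24

203.0.113.5    # trailing comment is fine
999.1.1.1
10.0.0.0/33
not-an-ip
EOF
}

# Stand-alone run: write the sample list and show the rules it produces.
if [ "${0##*/}" != "sh" ] && [ "${0##*/}" != "bash" ]; then
    tmp=$(mktemp)
    write_sample_blocklist "$tmp"
    render_rules spamlist "$tmp"
    rm -f "$tmp"
fi
```

Point render_rules at the real /etc/iptables/blocked.ips to see exactly which entries would be rejected and which rules would be installed; the `-N ... || -F` and `-C ... || -I` forms make a second run flush and re-fill the chain instead of appending duplicate rules.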
