-
Quick IPTables Commands
List: iptables -L -n | grep <IP Address>
Remove: iptables -D INPUT -s <IP 1> -d <IP 2> -j DROP
Insert: iptables -I INPUT -s <IP> -j DROP
Flush: iptables -F
Remove: iptables -D OUTPUT -s 0.0.0.0/0 -d 66.93.33.185 -j DROP
netstat -nap | grep :80 | wc -l (shows # of connections to HTTP)
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n (shows total connections per IP, if more than 100 block)
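An added example (not part of the post above) that wraps the per-IP connection count in functions so the threshold check can be reviewed before anything is blocked: it feeds a constructed `netstat -ntu` sample through the same pipeline, lists the IPs over a threshold, and prints the matching `iptables -I INPUT ... -j DROP` lines instead of running them. The sample addresses are documentation ranges and the save path in the comment is a placeholder.

```shell
#!/bin/sh
# Added example: count connections per remote IP from netstat -ntu style
# output and print block rules for the IPs over a threshold (default 100,
# as in the post). Nothing here calls iptables; the rules are only printed.

# Constructed sample of `netstat -ntu` output for offline use (not real traffic).
SAMPLE_NETSTAT='Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.0.0.5:80             203.0.113.7:51234       ESTABLISHED
tcp        0      0 10.0.0.5:80             203.0.113.7:51235       ESTABLISHED
tcp        0      0 10.0.0.5:80             198.51.100.9:40001      ESTABLISHED
tcp        0      0 10.0.0.5:22             192.0.2.3:33000         ESTABLISHED
tcp        0      0 10.0.0.5:80             203.0.113.7:51236       TIME_WAIT'

# connections_per_ip: reads netstat -ntu output on stdin and prints
# "<count> <ip>" sorted ascending by count. Same pipeline as the post,
# except the two header lines are skipped so they do not show up as "IPs".
connections_per_ip() {
    awk 'NR > 2 {print $5}' | cut -d: -f1 | sort | uniq -c | sort -n | awk '{print $1, $2}'
}

# ips_over_threshold THRESHOLD: prints only the IPs with more than
# THRESHOLD connections (the post uses 100).
ips_over_threshold() {
    connections_per_ip | awk -v t="$1" '$1 > t {print $2}'
}

# block_rules THRESHOLD: prints the iptables command for each offender so
# it can be eyeballed first; pipe into sh to apply. Remember to save after
# applying (the save path below is a placeholder, not a real location).
block_rules() {
    ips_over_threshold "$1" | while read -r ip; do
        printf 'iptables -I INPUT -s %s -j DROP\n' "$ip"
    done
    echo '# then: iptables-save > /path/to/your/rules.file'
}

# Usage with the constructed sample (a threshold of 2 so something trips):
#   printf '%s\n' "$SAMPLE_NETSTAT" | block_rules 2
# On a live box: netstat -ntu | block_rules 100
```

The threshold is an argument rather than hard-coded so the same function can be run with a lower value on a quiet server; the TIME_WAIT line in the sample is counted on purpose, because `netstat -ntu` lists it and the original one-liner counts it too.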
-
Hey, you forgot the most important part.
# iptables-save
!!!!!!!!!!!!!!!
:) These commands are OK, but they load the chains/rules into RAM only and won't hold after a server reboot; you must run the save command in order to keep your settings.
Thanks for the nice tips, I'm sure it's golden for some people here!
-
Ahh, forgot that stuff, thanks for reminding
-
what I do...
I keep a text file with my "config". At the top, it flushes, then reads in all rules, then saves, and prints out to stdout (for my viewing pleasure).
I simply add offending IPs / networks, re-run the script. Bam.
Done deal.
I also have a custom country-ban with certain hack-ish countries blocked as an include file. Has cut down brute forces and dictionaries by about 80%. APNIC is the *worst*. Ugg.
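Here is an added sketch of the "config file" approach described in the post above (my own example, not the poster's script): it flushes, loads every rule from a rules file one line at a time, pulls in an include file for the ban list, then saves and prints the result. The file paths, the `include` line syntax and the `IPT_CMD` dry-run switch are all assumptions for this example; set `IPT_CMD=echo` to see what would be run without touching the firewall.

```shell
#!/bin/sh
# Added example: flush, load rules from a text file, save, print.
# Rules file format (assumed): one iptables argument list per line,
# blank lines and "#" comments ignored, "include <file>" pulls in another
# file (e.g. a country-ban list kept separately).

IPT_CMD="${IPT_CMD:-iptables}"                        # IPT_CMD=echo for a dry run
RULES_FILE="${RULES_FILE:-/etc/firewall/rules.txt}"   # assumed path
SAVE_FILE="${SAVE_FILE:-/etc/firewall/saved.rules}"   # assumed path

# load_rules FILE: runs "$IPT_CMD <line>" for every rule line in FILE,
# recursing into included files. The `|| [ -n "$line" ]` keeps the last
# line even when the file has no trailing newline.
load_rules() {
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*)   continue ;;
            'include '*) load_rules "${line#include }" ;;
            *)
                # word-splitting of $line is intended: it is the argument list
                $IPT_CMD $line ;;
        esac
    done < "$1"
}

# apply_config: the sequence from the post. Saving is what makes the rules
# survive a reboot; iptables-save and -L are skipped in dry-run mode.
apply_config() {
    $IPT_CMD -F
    load_rules "$RULES_FILE"
    if [ "$IPT_CMD" = iptables ]; then
        iptables-save > "$SAVE_FILE"
        iptables -L -n
    fi
}

# Usage: edit $RULES_FILE (or the included ban file), then run
#   sh firewall.sh            # apply for real (as root)
#   IPT_CMD=echo sh firewall.sh   # print what would run
# Uncomment to run on execution:
# apply_config
```

Keeping the ban list in a separate include file means the main rules file stays readable, and the dry-run mode lets you check a new entry for typos before a flush wipes the live rules.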