  1. #1

    Question iptables and banning ip addresses?

    Hi all;

    I'd like to ban some IP addresses and I tried to use iptables. But it doesn't work so far.

    what i did is:
    root/sbin/ iptables -A INPUT -p tcp -s 193.93.236.0/22 -d any/0 -m state --state NEW -j DROP

    As seen, I tried to ban an IP range from my box (because of spam). But it looks like that doesn't work.

    What I want to do is to prevent WP spammers from posting their disgraceful links to my database.

    Any help?

    P.S. I am using CentOS.

  2. #2
    Join Date
    Apr 2005
    Posts
    535
    try 193.93.236.0/24 as the ip

  3. #3
    Hi NWS,
    It is the same, not working. I also tried to ban a certain IP like "193.93.236.19" but it also didn't work.
    Let's go back to your suggestion (193.93.236.0/24):
    First Host 203.144.128.1
    Last Host 203.144.255.254

    That means the range is outside what I want to ban.
    Mine is: 193.93.236.0 - 193.93.239.255
    from which I mostly get WP spam (after 1 week of work, I got this stat).

    The problem is that my entries in iptables don't work. Should I restart iptables? If it is my mistake, how can I restart it?

  4. #4
    Join Date
    May 2002
    Location
    Kingston, Ontario
    Posts
    1,573
    iptables -I INPUT -s IPHERE -j DROP

    /etc/init.d/iptables restart
    that will restart it if you need.
    Upload Guardian 2 - Malicious Upload Scanner - Windows and Linux!
    Instantly scan uploaded files
    Get notified when released

  5. #5
    Quote Originally Posted by Ramprage
    iptables -I INPUT -s IPHERE -j DROP

    /etc/init.d/iptables restart
    that will restart it if you need.
    Yes, I tried to restart like that and it returned:
    "Flushing firewall rules: [ OK ]
    Setting chains to policy ACCEPT: filter [ OK ]
    Unloading iptables modules: [ OK ]
    Applying iptables firewall rules: [ OK ]"

    and there is no ban.
    Instead, I looked at sbin/iptables -L -n
    and all my previous rules were removed from the list.... : S

  6. #6
    ermmm, should i configure this:
    root: /etc/init.d/iptables


    -------
    # Default firewall configuration:
    IPTABLES_MODULES=""
    IPTABLES_MODULES_UNLOAD="yes"
    IPTABLES_SAVE_ON_STOP="no"
    IPTABLES_SAVE_ON_RESTART="no"
    IPTABLES_SAVE_COUNTER="no"
    IPTABLES_STATUS_NUMERIC="yes"
    -------

  7. #7
    Join Date
    Apr 2005
    Posts
    535
    Have you thought of using an .htaccess file on your site to block IPs instead?

  8. #8
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    What i want to do is to prevent wp spammers to post their disgraceful links to my database.
    Bah, you don't need iptables for that
    Akismet works wonders to block spam comments, and you don't run the risk of blocking out individuals who might just be affected inadvertently.

    Don't like that idea? Here, go with these suggestions. From captcha to bad behavior, some great stuff there.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  9. #9
    -----
    Bah, you don't need iptables for that
    Akismet works wonders to block spam comments, and you don't run the risk of blocking out individuals who might just be affected inadvertently.

    Don't like that idea? Here, go with these suggestions. From captcha to bad behavior, some great stuff there.
    -------
    Tut tut! lol
    I know Akismet very well and it is activated, of course,
    but it does not prevent PHP/MySQL processing ; )

    So it is better to ban some IP ranges that are commonly used for spam.


    ...........
    NWSTech, I have very few WordPress sites on my server and I believe that iptables is the best option.

  10. #10
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    but it does not prevent php/mysql processings ; )
    No, but bad behavior does
    Captcha will

    Both of those are directly listed on that page that I posted.

    Again, you don't NEED iptables to do this

  11. #11
    Quote Originally Posted by linux-tech
    No, but bad behavior does
    Captcha will

    Both of those are directly listed on that page that I posted.

    Again, you don't NEED iptables to do this
    Linux-tech,

    I really appreciate your answers a lot. I don't want to give up on "iptables"... it is now my "must learn" thingy.

  12. #12
    Join Date
    Jul 2005
    Posts
    489
    Quote Originally Posted by Tel-tel
    Hi all;

    /sbin/ iptables -A INPUT -p tcp -s 193.93.236.0/22 -d any/0 -m state --state NEW -j DROP
    If you don't have all the required iptables modules to execute the above command then it will not work.
    You may simply use
    iptables -I INPUT -p tcp -s 193.93.236.0/22 -j DROP

    Also note that restarting iptables will remove your existing rules unless they are saved.
    Use '/etc/rc.d/init.d/iptables save' to save your current rules.

  13. #13
    Quote Originally Posted by bibink
    If you don't have all the required iptables modules to execute the above command then it will not work.
    You may simply use
    iptables -I INPUT -p tcp -s 193.93.236.0/22 -j DROP

    Also note that restarting iptables will remove your existing rules unless they are saved.
    Use '/etc/rc.d/init.d/iptables save' to save your current rules.
    That's great info, BIBINK!
    Confirmation: if I save iptables before I restart, I will not lose my current rules.. right?

  14. #14

    saving iptables rules

    Sure, you won't lose the rules if you save and then restart.
    You can take a backup of the iptables rules file, which is the following:

    /etc/sysconfig/iptables
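
Added example, not part of the thread: a POSIX shell script that works out which addresses a CIDR block covers (the /22 versus /24 question in posts #2 and #3) and then runs the insert, back up, save sequence from posts #12 to #14. The function names are made up for this example; the range, the init script and the rules file path are the ones quoted in the posts.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, values come from the thread.

# to_int A.B.C.D -> 32-bit integer (body runs in a subshell so IFS does not leak)
to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
)

# to_ip N -> dotted quad
to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# cidr_range NET/BITS -> "first-last" address covered by the block
cidr_range() {
    bits=${1#*/}
    size=$(( 1 << (32 - bits) ))
    lo=$(( $(to_int "${1%/*}") / size * size ))   # clear the host bits
    echo "$(to_ip "$lo")-$(to_ip $(( lo + size - 1 )))"
}

# in_cidr IP NET/BITS -> exit status 0 if IP falls inside the block
in_cidr() {
    size=$(( 1 << (32 - ${2#*/}) ))
    [ $(( $(to_int "$1") / size )) -eq $(( $(to_int "${2%/*}") / size )) ]
}

# ban_range NET/BITS: run as root on the CentOS box
ban_range() {
    # iptables stops at the first matching rule. -I inserts at the head of
    # INPUT, ahead of existing ACCEPT rules; -A appends after them.
    iptables -L INPUT -n | grep -q "DROP.* $1 " || iptables -I INPUT -s "$1" -j DROP
    # Back up the saved rules file, then write the running rules into it
    # so that a later "iptables restart" reloads the ban instead of losing it.
    [ -f /etc/sysconfig/iptables ] && cp -p /etc/sysconfig/iptables /etc/sysconfig/iptables.bak
    /etc/init.d/iptables save
    iptables -L INPUT -n --line-numbers   # confirm the DROP rule is listed first
}

# Without arguments only the range is printed; "apply" changes the firewall.
cidr_range 193.93.236.0/22
if [ "${1:-}" = "apply" ]; then ban_range 193.93.236.0/22; fi
```
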
