Thread: Quick IPTables Commands
08-01-2009, 07:53 PM #1, Web Hosting Guru (Join Date: Jun 2008; Location: India; Posts: 266)
Quick IPTables Commands
List: iptables -L -n | grep <IP Address>
Remove: iptables -D INPUT -s <IP 1> -d <IP 2> -j DROP
Insert: iptables -I INPUT -s <IP> -j DROP
Flush: iptables -F
Remove: iptables -D OUTPUT -s 0.0.0.0/0 -d 66.93.33.185 -j DROP
netstat -nap | grep :80 | wc -l (shows # of connections to HTTP)
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n (shows total connections per IP, if more than 100 block)
Ranjith
Light travels faster than sound. This is why some people look bright until you actually hear them speak
08-01-2009, 08:10 PM #2, Disabled (Join Date: Mar 2009; Location: Israel; Posts: 1,212)
Hey, you forgot the most important part.
# iptables-save
!!!!!!!!!!!!!!!
These commands are OK, but they load the chains/rules into the RAM memory only and won't hold after a server reboot; you must run the save command in order to keep your settings.
Thanks for the nice tips, I'm sure it's golden for some people here!
08-01-2009, 08:24 PM #3, Web Hosting Guru (Join Date: Jun 2008; Location: India; Posts: 266)
Ahh, forgot that stuff, thanks for reminding
Ranjith
08-01-2009, 10:55 PM #4, Intangible Asset Appraiser (Join Date: Mar 2009; Location: Austin Tx; Posts: 2,007)
what I do...
I keep a text file with my "config". At the top, it flushes, then reads in all rules, then saves, and prints out to stdout (for my viewing pleasure).
I simply add offending IPs / networks, re-run the script. Bam.
Done deal.
I also have a custom country-ban with certain hack-ish countries blocked as an include file. Has cut down brute forces and dictionaries by about 80%. APNIC is the *worst*. Ugg.
This is the best signature in the world....Tribute!
(It is not the best signature in the world, no. This is just a tribute)