Solved

IPTABLES and blocking access

Posted on 2007-12-04
Last Modified: 2010-04-22
I have iptables running on a CentOS 4.5 server. I am getting significant requests for "CONNECT" from a Chinese friend that I would like to have go away. I have added:
-A INPUT -s 122.126.0.0/16 -j DROP

But I keep seeing the 122.126.x.x IPs showing up in the logs -- is there perhaps something wrong with the instruction?

I found in the database an answer that suggested:
iptables -I INPUT -j DROP -p tcp -s 0.0.0.0/0 --dport 80 -m string --string "SEARCH"

Would CONNECT do the same thing? I am assuming that, because "he" keeps getting in, he is masking the true IP address.

thanks
Question by:Len45

Accepted Solution

by: WizRd-Linux
ID: 20408609
You may find that rules above what you have appended are accepting his connection, e.g. INPUT -p tcp --dport 80 -j ACCEPT or similar.

Try: iptables -I INPUT 1 -s 122.126.0.0/16 -j DROP

This will make sure that the first rule will match and drop the packets before they hit Apache.

Expert Comment

by:WizRd-Linux
ID: 20408613
And you will need to remove the last rule in INPUT, just to keep the rules clean.
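
The rule-ordering point from the accepted answer, as an added example that is not part of the original thread: a small first-match evaluator run over two constructed INPUT chains, one with the DROP appended below a port-80 ACCEPT and one with it inserted at position 1. The helper name first_match, the port 22/80 ACCEPT rules and the sample source addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: first-match evaluation of INPUT rules written in the
# "-A INPUT ..." form used in the question. Only -s, -p, --dport and -j are
# interpreted (assumption); all rules and addresses below are constructed.

# first_match SRC_IP PROTO DPORT  (rules on stdin) -> prints "RULE_NUMBER TARGET"
first_match() {
  awk -v src="$1" -v proto="$2" -v dport="$3" '
    function ip2n(ip,  o) { split(ip, o, "."); return ((o[1]*256 + o[2])*256 + o[3])*256 + o[4] }
    function in_cidr(ip, cidr,  p, bits, size) {
      split(cidr, p, "/"); bits = (p[2] == "") ? 32 : p[2]
      size = 2 ^ (32 - bits)
      return int(ip2n(ip) / size) == int(ip2n(p[1]) / size)
    }
    $1 == "-A" && $2 == "INPUT" {
      n++; ok = 1; target = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-s" && !in_cidr(src, $(i+1))) ok = 0
        if ($i == "-p" && $(i+1) != proto) ok = 0
        if ($i == "--dport" && $(i+1) != dport) ok = 0
        if ($i == "-j") target = $(i+1)
      }
      # ACCEPT and DROP end traversal: later rules are never consulted.
      if (ok && (target == "ACCEPT" || target == "DROP")) { print n, target; exit }
    }'
}

# Hypothetical chain after "-A INPUT -s 122.126.0.0/16 -j DROP": the DROP is
# appended below an existing port-80 ACCEPT (the situation the answer suspects).
APPENDED='-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 122.126.0.0/16 -j DROP'

# Same chain after "iptables -I INPUT 1 ..." and removal of the appended rule.
INSERTED='-A INPUT -s 122.126.0.0/16 -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'

echo "appended, blocked net: $(printf '%s\n' "$APPENDED" | first_match 122.126.10.20 tcp 80)"
echo "inserted, blocked net: $(printf '%s\n' "$INSERTED" | first_match 122.126.10.20 tcp 80)"
echo "inserted, other host:  $(printf '%s\n' "$INSERTED" | first_match 203.0.113.5 tcp 80)"
```

On a live host, iptables -L INPUT -n -v --line-numbers shows the real rule positions and per-rule packet counters, which is the quickest way to confirm which rule the traffic is actually hitting.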

Author Comment

by:Len45
ID: 20412125
Thanks, WizRd

I am going to assume that your solution will work!  