• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 192
  • Last Modified:

Having trouble denying an ip.

I'm running linux/apache, and I'm using this to block an ip

iptables -A INPUT -s 85.158 -j DROP

But my mail filter program still says it's still getting connections from that ip, and it overwhelms the system:

Mar 31 08:37:19 [1267]: Rejected connection from 85.158.138.179:11449 (busy), ceiling is 5 slots
Mar 31 08:37:19 [1267]: Rejected connection from 85.158.138.179:55879 (busy), ceiling is 5 slots

I also use apf, and have blocked it through that,

/usr/local/sbin/apf -d 85.158.

but it's still getting through.

Any ideas on what to do or why this isn't working?

Does iptables have to be restarted or anything?  If so, how?

thanks,  Chris
0
St_Aug_Beach_Bum
Asked:
St_Aug_Beach_Bum
  • 4
  • 3
1 Solution
 
fosiul01Commented:
yes, you need to save iptables rules after inserting

then restart the iptables

0
 
St_Aug_Beach_BumAuthor Commented:
Thank you, how do I do that?
0
 
fosiul01Commented:
service iptables save
service iptables restart

0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
St_Aug_Beach_BumAuthor Commented:
ah, thank you, that seems to have done it!  dam spammers!
0
 
fosiul01Commented:
are you trying to add those Ip one by one by hand ??

then you will go mad!!

use fail2ban, or portsentry

any attemept more then 3 or 4 times, those will block those Ip automaticaly
0
 
St_Aug_Beach_BumAuthor Commented:
Thank you, normally I don't have to, my spam program, mailstripper, takes care of things pretty well.  This was move of a denial of service type thing (I guess), just overwhelming my server with junk mail, more than it could handle, so legit mails couldn't get through.

I'll take a look at these programs right now.  
0
 
St_Aug_Beach_BumAuthor Commented:
Not saying it was a dos attack on purpose, but the amount of spam coming from that ip had that effect on my mail services.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now