Difference between revisions of "Iptables cheat sheet"

From MyLabWiki
Jump to: navigation, search
m
(Add category)
Line 20: Line 20:
  
  
 +
[[Category:linux]]
  
  

Revision as of 12:25, 28 June 2015

Applicable to Debian 8.

Blocking IP addresses

Permanently block an IP address[1]:

 iptables -A INPUT -s a.b.c.d -j DROP

Unblock IP address[1]:

 iptables -D INPUT -s a.b.c.d -j DROP

Block and IP address after 3 failed SSH login attempts made within 60 seconds[2]:

 iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
 iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP

The reference[2] also gives info about how to set up logging.


References

  1. 1.0 1.1 nixCraft, How Do I Block an IP Address on My Linux server?
  2. 2.0 2.1 rackaid, Block SSH Brute Force Attacks with IPTables