How To List Your Existing IP Address Rules
iptables -L
How To Help
iptables -h
How do I block an IP address ?
iptables -A INPUT -s xx.xx.xx.xx -j DROP
How To Block A Range of IP Addresses ?
iptables -A INPUT -s xx.xx.xx.xx/8 -j DROP
How can I block a particular PORT for a particular IP ?
iptables -A INPUT -s IP-ADD -p tcp --destination-port portnumber -j DROP
iptables -A INPUT -s xx.xx.xx.xx -p tcp --destination-port 25 -j DROP
How to start/stop iptables
/etc/init.d/iptables stop/etc/init.d/iptables start
How do I unblock an IP address ?
iptables -D INPUT -s IP-ADDR -j DROP
How do I save iptables ?
/etc/rc.d/init.d/iptables save
service iptables save
*****************************************************
Script for Debian 6
/etc/init.d/save_iptables
/etc/init.d/load_iptables
/usr/sbin/blockip
/etc/network/if-pre-up.d/load_iptables -> /etc/init.d/load_iptables
How to Block IP:
blockip 103.41.124.64
cat /usr/sbin/blockip
#!/bin/sh
if [ $# -eq 0 ];then
echo “Usage: $0 ip_addr”
exit
fi
echo “ip address $1 will be blocked”
iptables -A INPUT -s $1 -j DROP
/etc/init.d/save_iptables
clear
iptables -L
cat /etc/init.d/save_iptables
#!/bin/sh
/sbin/iptables-save > /etc/iptables
cat /etc/init.d/load_iptables
#!/bin/sh
/sbin/iptables-restore < /etc/iptables