Tagged: Netfilter

How To Block Traffic by Country using IPtables

http://www.linuxstall.com/block-country-iptables/
http://www.ipdeny.com/ipblocks/
http://www.ipdeny.com/ipblocks/data/countries/

#!/bin/bash
# country codes
ISO="cn it kr br ru tw af sa iq sy tr ua in jp id at ro pl bg vn hk ve th mx co ar ir cz ph eg pk"
# set path
IPT=/sbin/iptables
WGET=/usr/bin/wget
EGREP=/bin/egrep
$IPT-save -c > /home/iptables/iptables_bak_$(/bin/date +\%Y\%m\%d\%H\%M\%S).txt
SPAMLIST="countrydrop"
ZONEROOT="/root/iptables"
DLROOT="http://www.ipdeny.com/ipblocks/data/countries"
cleanOldRules(){
$IPT -F
$IPT -X
$IPT -t nat...

Block All Traffic to Your New Remote Server

I block all traffic to a new server while I set up users and the environment using Netfilter, AKA iptables. Nothing else gets in or out of the box but me. This actually requires two scripts: one to close the machine to all IPs but mine, and one to "unblock". You need to unblock while installing other software, e.g. LAMP, when...

Netfilter (iptables) Tips & Tricks

Netfilter (aka iptables) is how you stop intrusions. As an example, PSAD can recognize attack patterns, but it is Netfilter that is then used to stop any communications from getting a response. In other words, Netfilter can be told to ignore incoming requests, essentially making the server unreachable.

Netfilter iptables Log Message Codes

IN = Input interface
OUT = Output interface
MAC = Ethernet hardware address (aka MAC address)
SRC = Source IP address
DST = Destination IP address
LEN = Packet length
TOS = Type of Service (for packet prioritization)
PREC = Precedence bits
TTL = Time to Live
ID = Packet identifier
PROTO = Protocol (e.g. TCP, UDP)
SPT = Source...