Banning with iptables
John
jpoz at quickscribble.com
Tue Aug 24 12:07:18 EDT 2004
Since I've read that MOHAA:SH doesn't do a great job of banning people based
on IP addresses (and I'm not yet using a third-party admin app), I decided
to block the "bad" IPs using locally installed iptables.
I'm sure many here already know how to do this, but maybe this will help
someone.
I built several rules in iptables allowing MOHAA:SH to do its thing. But I
wanted to dynamically create DROP rules to block any banned IP. I build a
separate file of the IPs in question (one per line). Then I put the
following in my iptables script (above the MOHAA:SH rules):
# One DROP rule per banned IP; /root/ban_list holds one address per line
for i in $(cat /root/ban_list)
do
    "$IPTABLES" -A INPUT -s "$i" -i eth0 -d "$NIC" -j DROP
done
-- -- -- --
Here is my test 'ban_list':
192.168.0.1
222.33.222.11
10.0.0.3
25.67.44.62
-- -- -- --
This will build:
DROP all -- 192.168.0.1 10.10.10.160
DROP all -- 222.33.222.11 10.10.10.160
DROP all -- 10.0.0.3 10.10.10.160
DROP all -- 25.67.44.62 10.10.10.160
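
The following is an added example, not part of the original post: it goes one step beyond the loop above by validating each ban-list entry and emitting iptables-restore input for a dedicated chain, so the list can be reloaded without touching the other rules. The chain name BANNED, the support for '#' comments and the sample entries in the usage are assumptions.

```shell
#!/bin/sh
# Added example. BANNED is an assumed chain name; a jump to it must exist once,
# above the game rules, e.g.:  $IPTABLES -I INPUT -i eth0 -d $NIC -j BANNED
# Usage:  ban_rules < /root/ban_list | iptables-restore --noflush

# Return 0 only for a dotted-quad IPv4 address: four octets, each 0..255,
# no leading zeros, no netmask, no other characters.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read a ban list on stdin (one address per line; blank lines and '#'
# comments are ignored, duplicates dropped) and print iptables-restore input
# that rebuilds the BANNED chain. Invalid entries are reported on stderr and
# skipped, so a typo such as 0/0 cannot turn into a rule that drops everything.
ban_rules() {
    echo '*filter'
    echo ':BANNED - [0:0]'
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' |
    awk '!seen[$0]++' |
    while read -r ip; do
        if valid_ipv4 "$ip"; then
            echo "-A BANNED -s $ip/32 -j DROP"
        else
            echo "skipping invalid entry: $ip" >&2
        fi
    done
    echo 'COMMIT'
}
```

With --noflush, iptables-restore leaves the existing rules alone and flushes only the user-defined chain named in its input, so re-running the pipeline replaces the previous ban rules instead of appending duplicates.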