In order to block an IP on your Linux server you need to use iptables firewall. First you need to log into shell as root user. To block IP address you need to type iptables command as follows:
iptables -A INPUT -s IP-ADDRESS -j DROP
Replace IP-ADDRESS with actual IP address. For example if you wish to block ip address 65.55.44.100 for whatever reason then type command as follows:
# iptables -A INPUT -s 65.55.44.100 -j DROP
Block ports by adding the following firewall rules:
# Allow loopback access. This rule must come before the rules denying port access!!
iptables -A INPUT -i lo -p all -j ACCEPT - Rule for your computer to be able to access itself via the loopback
iptables -A OUTPUT -o lo -p all -j ACCEPT
iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 2049 -j DROP - Block NFS
iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 2049 -j DROP - Block NFS
iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 6000:6009 -j DROP - Block X-Windows
iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 7100 -j DROP - Block X-Windows font server
iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 515 -j DROP - Block printer port
iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 515 -j DROP - Block printer port
iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 111 -j DROP - Block Sun rpc/NFS
iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 111 -j DROP - Block Sun rpc/NFS
iptables -A INPUT -p all -s localhost -i eth0 -j DROP - Deny packets which claim to be from your loopback interface.
No comments:
Post a Comment