Block IP addresses

From WickyWiki
Revision as of 11:04, 6 January 2013 by Wilbert

Install

Install the Firestarter GUI for iptables.

See also: Configure iptables Firewall

Fix syslog error at startup

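Create this file:

sudo gedit /etc/rsyslog.d/99-fixlog.conf

Add the following lines to the /etc/rsyslog.d/99-fixlog.conf file:

*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none -/var/log/messages

Restart service:

sudo service rsyslog restart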

Enable block rule

To block 123.11.112.1 with iptables:

sudo iptables -I INPUT -s 123.11.112.1 -j DROP

To enable this functionality in Firestarter, edit this file:

sudo gedit /etc/firestarter/user-post

Add the following line to the /etc/firestarter/user-post file:

$IPT -I INPUT -s 123.11.112.1 -j DROP

Restart service:

sudo service firestarter restart
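
To block more than one address, the user-post lines can be generated from a list, with each entry validated strictly first because the line written to user-post is shell text (it uses the $IPT variable). The script below is an added example, not part of the original wiki page; the list format and the function names is_ipv4, gen_block_rules and sample_list are assumptions.

```shell
# Added example (not from the page): build user-post block rules from a list.
# Assumed list format: one IPv4 address or CIDR per line, '#' starts a comment.

# is_ipv4 ADDR: succeed only for a strict dotted quad, optionally with /0-32.
is_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) prefix=${1#*/}
             case $prefix in ''|*[!0-9]*) return 1 ;; esac
             [ ${#prefix} -le 2 ] && [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                      # split into octets (digits and dots only)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*) return 1 ;; esac        # no leading zeros
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_block_rules < LIST: print one DROP rule per valid, unique entry.
# Rejected entries go to stderr and never reach the rule file.
gen_block_rules() {
    seen=' '
    while IFS= read -r line || [ -n "$line" ]; do
        entry=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$entry" ] || continue
        if ! is_ipv4 "$entry"; then
            printf 'skipped invalid entry: %s\n' "$line" >&2
            continue
        fi
        case $seen in *" $entry "*) continue ;; esac   # already emitted
        seen="$seen$entry "
        printf '$IPT -I INPUT -s %s -j DROP\n' "$entry"
    done
    return 0
}

# Constructed sample list; only 123.11.112.1 comes from the page.
sample_list() {
    printf '%s\n' '# constructed sample' '123.11.112.1' \
        '198.51.100.0/24   # whole range' '123.11.112.1' \
        '300.1.1.1' '192.0.2.5;true'
}

sample_list | gen_block_rules
```

Review the generated lines, add them to /etc/firestarter/user-post, and restart the service as shown above.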

iptables settings

List iptables settings:

sudo iptables -vnL

Clear all iptables settings (resets every default policy to ACCEPT, flushes all rules and erases non-default chains):

sudo -i

IPTABLES="$(which iptables)"

# RESET DEFAULT POLICIES
$IPTABLES -P INPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -t nat -P PREROUTING ACCEPT
$IPTABLES -t nat -P POSTROUTING ACCEPT
$IPTABLES -t nat -P OUTPUT ACCEPT
$IPTABLES -t mangle -P PREROUTING ACCEPT
$IPTABLES -t mangle -P OUTPUT ACCEPT

# FLUSH ALL RULES, ERASE NON-DEFAULT CHAINS
$IPTABLES -F
$IPTABLES -X
$IPTABLES -t nat -F
$IPTABLES -t nat -X
$IPTABLES -t mangle -F
$IPTABLES -t mangle -X

exit