Web Hosting Forum | Lunarpages


*
Welcome, Guest. Please login or register.
Did you miss your activation email?


Login with username, password and session length
February 09, 2012, 06:30:13 PM

Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Banning IP's Permanently.  (Read 1806 times)
The Natural Greek Phenomenon
Intergalactic Superstar
*****
Offline Offline

Posts: 144


WWW
« on: July 26, 2005, 05:36:34 AM »
Hello!

Using the iptables -I INPUT -s xxxxxxxx -j DROP
command I am supposed to block unwanted
visits from specific IP's.

The predicament is that these IP's keep returning
after a few days; is it feasible to permanently block
those visits from coming?

For instance, there are robots, hackers and hustlers
that originate from some IP's which I'd rather ban
via the DROP method but... they come back, so the
'blockage' is only good for a matter of time.

Also is there a possibility to bamboozle potential
attackers by causing them argh...!!!  some sort of havoc?

Any advice?

Thanks,
George
Logged
Danielle
Guest
« Reply #1 on: July 26, 2005, 06:48:00 AM »
Hi George,

Actually, using iptables -I INPUT -s xxxxxxxx -j DROP will just block the IP for around 24 hours or until the firewall cron runs that removes those input into the table in this manner.  Instead you can enter this command to edit the deny_hosts file:

vi /etc/apf/deny_hosts*

Scroll to the end of the file, and enter to insert text:

Esc + I

Press the enter key to go to the next line so the new IP will be on its own line, then paste the IP in question. To save, enter the Esc key, then (this writes and quits):

:wq

At the command prompt after you have left the file, then enter the following which will restart the firewall so the changes take affect:

/etc/init.d/apf restart

Adding an IP to deny_hosts file is a permanent block.

Thanks.
Logged
The Natural Greek Phenomenon
Intergalactic Superstar
*****
Offline Offline

Posts: 144


WWW
« Reply #2 on: July 26, 2005, 06:41:53 PM »
Danielle,

Very helpful - thanks a lot; will try it next time it's needed.

Gracefully,
George
Logged
The Natural Greek Phenomenon
Intergalactic Superstar
*****
Offline Offline

Posts: 144


WWW
« Reply #3 on: July 26, 2005, 07:16:40 PM »
OK Danielle - it must have worked exactly as you instructed.

Check the obfuscated snapshot.
I added an IP right down below
another one whereas the red arrow points at.


So each time I will have to keep adding IP's,
right bottom below to the one I added, right?

Very helpful procedure indeed - thanks.
Logged
Danielle
Guest
« Reply #4 on: July 26, 2005, 10:57:06 PM »
Hi George, I'm not seeing a snapshot, did you attach it? Smile

You would keep adding IPs for each one you want to block with the new ones added at the bottom and no empty lines between each IP (so they are in a list):

Prior IP listed
Prior IP listed
New IP1
New IP2
New IP3
and so on
Logged
The Natural Greek Phenomenon
Intergalactic Superstar
*****
Offline Offline

Posts: 144


WWW
« Reply #5 on: July 27, 2005, 04:20:18 AM »
Danielle,

In my post above I have embedded a jpg picture.

OK, got that IP hierarchy. Thanks a lot for your help. Applause
Logged
Danielle
Guest
« Reply #6 on: July 27, 2005, 06:28:24 AM »
You're welcome and I figured out what you meant for the jpg now. Glad it is working for you Thumbs Up
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to: