How do I block an IP on my Linux server?
In order to block an IP on your Linux server you need to use iptables firewall. First you need to log into shell as root user. To block IP address you need to type iptables command as follows:
iptables -A INPUT -s IP-ADDRESS -j DROP
Replace IP-ADDRESS with actual IP address. For example if you wish to block ip address 65.55.44.100 for whatever reason then type command as follows:
# iptables -A INPUT -s 65.55.44.100 -j DROP
If you have IP tables firewall script, add above rule to your script.
If you just want to block access to one port from an ip 65.55.44.100 to port 25 then type command:
# iptables -A INPUT -s 65.55.44.100 -p tcp --destination-port 25 -j DROP
The above rule will drop all packets coming from IP 65.55.44.100 to port mail server port 25.
E-mail this to a friend
Printable version
Related Other Helpful FAQs:
- Block ip address of spammers with iptables under Linux
- Linux Set the Block Size for a SCSI Tape Device
- Linux/UNIX: Determine file type
- Postfix block PDF or ZIP files attachments
- Linux: Openssh (ssh server) deny root user access
Discussion on This FAQ
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: destination port, firewall script, ip address, iptables firewall, linux block ip address, linux drop ip address, linux server, server port
February 19th, 2007 at 4:10 am
hi dear,
h a u?
i have aproblem to ristrick the wab page on client side.
i have linux server to run internt. i make gateway on that server and use it on other system to run internet.
her i want to on clint system only my specify wab pages is open.
plz u can help me how i confuger it.
my network is on workgroup
thnks
dewa
February 22nd, 2008 at 6:52 am
Ther are two solution:
1) the best practice you use a proxy server like suqid in the gateway machine. Then define ACL on the squid.
say you want to deny access to yahoo.com and rediffmail.com.
acl all src 0.0.0.0/0.0.0.0
acl web_yahoo dest yahoo.com
acl web_rediff dest rediff.com
http_access deny web_yahoo all
http_access deny web_rediff all
2) this option is throhgh iptables, assume that your gateway acts as a firewall.
iptables -A INPUT -p tcp –destination-port 80 -d -j DROP
it will drop any request to port 80 of yahoo from any source.
May 16th, 2008 at 5:02 am
i want to connect internet on local pc by user from server
May 24th, 2008 at 7:05 am
Please send me the code in Linux c to block the website typed on the browser. or send the references where i can get
June 21st, 2008 at 7:19 am
Hi I added:
iptables -A INPUT -s 80.58.205.35 -j DROP
and kept checking my apache logs, after a short pause of no requests from 80.58.205.35
it resumed ?? Could this mean I have been hacked ?
EG:
80.58.205.35 - - [21/Jun/2008:17:10:40 +1000] “GET /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////photogallery.php?album_id=1 HTTP/1.1″ 200June 21st, 2008 at 8:04 am
You need to add iptables -A INPUT -s 80.58.205.35 -j DROP to your firewall script. Once added 80.58.205.35 cannot connect to your apache. Do you run any special firewall script such as apf?
July 31st, 2008 at 7:57 am
hi,
i need an iptable rule for a website(www.webmd.com) not to go through squid(proxy).could you pls send me the iptable rule for this one?
thanks
July 31st, 2008 at 12:29 pm
joel, i think you do it without iptables rule using squid configuration and I don’t think its possible to have such a rule. What do you say vivek ?
July 31st, 2008 at 12:35 pm
Yes, nilesh is right. It all depends upon your setup. Do you have squid proxy installed? If so there is an option to skip webmd.com from squid cache using ACL. Iptables is for filtering and restricting traffic.
August 1st, 2008 at 1:02 am
@vivek and S. Nilesh,
yes i have a squid transparent proxy caching server and firewall in the same box.could you kindly post here the acl rules to bypass webmd from going through squid. btw im using the old 2.5 stable 6 version.thank you very much to both of you for responding to my question.
joel
August 1st, 2008 at 9:08 am
joel, try this -
acl webmd dstdomain .webmd.com
always_direct webmd
it should do it for you…
August 4th, 2008 at 9:09 am
@ S. Nilesh,
thank you so much.that really works!!
August 8th, 2008 (4 weeks ago) at 10:39 am
@ S.Nilesh and Vivek,
hi again,
i thought i should ask this question. how would you allow https traffic for one particular site on the network but restrict all other https traffic with an iptable rule.i have users bypassing my proxy redirector(squidguard) using https and i cannot block port 443 on my firewall because it is being used by a remote GUI application which is also being used by my users.