Iptables block ip address – Security Shell Script

in Categories Firewall last updated December 20, 2008

Create /root/iptables/blocked.ips file as follows with list of ips and subnets to block entering your dedicated server:

192.168.1.0/24
202.54.1.2
# spam
202.5.1.2

Call following script from your existing shell script:

#!/bin/bash
# Simple iptables IP/subnet block script 
# -------------------------------------------------------------------------
# Copyright (c) 2004 nixCraft project <http://www.cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# ----------------------------------------------------------------------
IPT=/sbin/iptables
SPAMLIST="spamlist"
SPAMDROPMSG="SPAM LIST DROP"
BADIPS=$(egrep -v -E "^#|^$" /root/iptables/blocked.ips)
 
# create a new iptables list
$IPT -N $SPAMLIST
 
for ipblock in $BADIPS
do
   $IPT -A $SPAMLIST -s $ipblock -j LOG --log-prefix "$SPAMDROPMSG"
   $IPT -A $SPAMLIST -s $ipblock -j DROP
done
 
$IPT -I INPUT -j $SPAMLIST
$IPT -I OUTPUT -j $SPAMLIST
$IPT -I FORWARD -j $SPAMLIST

Share this on:

Tagged as: Tags , , , , , , , ,

9 comment

  3. thanks for this script..
    btw i have some error with “BADIPS=$(egrep -v -E “^#|^$” /root/iptables/blocked.ips)”
    with -E swich… i change it to -e and its work fine
    in egrep –help no -E option

    ubuntu 10.04

  7. I think rule
    $IPT -I OUTPUT -j $SPAMLIST
    is incorrect. Because in this case $ipblock is destination (-d), not source (-s)

    1. Dear Reader.
      you can remove IP from block by this short command
      #iptables -D input -s 172.20.7.12 IP ADDRESS -j DROP
      172.20.7.12 is an example you can remove any IP that you want just type instate

    Have a question? Post it on our forum!