Create the file /root/iptables/blocked.ips as follows, listing the IPs and subnets to block from reaching your dedicated server:
```
192.168.1.0/24
202.54.1.2
# spam
202.5.1.2
```
Call the following script from your existing shell script:
```bash
#!/bin/bash
# Simple iptables IP/subnet block script
# -------------------------------------------------------------------------
# Copyright (c) 2004 nixCraft project <http://www.cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# ----------------------------------------------------------------------
IPT=/sbin/iptables
SPAMLIST="spamlist"
SPAMDROPMSG="SPAM LIST DROP"
# Read the block list, skipping comment lines and empty lines
BADIPS=$(egrep -v -E "^#|^$" /root/iptables/blocked.ips)

# create a new iptables list
$IPT -N $SPAMLIST

# Log, then drop, every packet whose source matches a listed IP or subnet
for ipblock in $BADIPS
do
   $IPT -A $SPAMLIST -s $ipblock -j LOG --log-prefix "$SPAMDROPMSG"
   $IPT -A $SPAMLIST -s $ipblock -j DROP
done

# Send traffic from the built-in chains through the new chain.
# The rules above match on source (-s) only.
$IPT -I INPUT -j $SPAMLIST
$IPT -I OUTPUT -j $SPAMLIST
$IPT -I FORWARD -j $SPAMLIST
```
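A stricter loader for the same blocked.ips format, as an added example (not nixCraft's script): it validates every entry before it reaches an iptables command line, tolerates trailing comments, and prints commands that can be re-run without a "chain already exists" error or duplicate jumps. The function names `valid_entry` and `render_rules`, the INPUT-only hook and the sample entries are assumptions of this example.

```sh
#!/bin/sh
# Added example, not nixCraft code. It only prints iptables commands.
CHAIN="spamlist"            # chain name reused from the script above

# Return 0 only for a dotted-quad IPv4 address with optional /0-32 prefix.
valid_entry() {
    case $1 in
        */*) addr=${1%%/*}; prefix=${1#*/} ;;
        *)   addr=$1; prefix=32 ;;
    esac
    case $prefix in [0-9]|[0-9][0-9]) ;; *) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject >3 digits and leading zeros (octal in some parsers).
        case $octet in ????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print commands that rebuild the chain from a blocklist file (idempotent).
render_rules() {
    echo "iptables -N $CHAIN 2>/dev/null || iptables -F $CHAIN"
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}    # strip full-line and trailing comments
        set -f              # no filename expansion while word-splitting
        for entry in $line; do
            if valid_entry "$entry"; then
                echo "iptables -A $CHAIN -s $entry -j LOG --log-prefix 'SPAM LIST DROP'"
                echo "iptables -A $CHAIN -s $entry -j DROP"
            else
                echo "skipped invalid entry: $entry" >&2
            fi
        done
        set +f
    done < "$1"
    # Insert the jump into INPUT only if it is not already there.
    echo "iptables -C INPUT -j $CHAIN 2>/dev/null || iptables -I INPUT -j $CHAIN"
}

# Constructed sample input: the page's entries plus two malformed ones.
sample=$(mktemp)
printf '%s\n' '192.168.1.0/24' '202.54.1.2 # spam' '# spam' '202.5.1.2' \
    '300.1.1.1' '10.0.0.0/33' > "$sample"
render_rules "$sample"
rm -f "$sample"
```

Review the printed commands, then pipe them to a root shell to apply them; skipped entries are reported on stderr.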
I have an IP that I want to block, 78.47.53.243, in my Dreambox???
Please..
Great script!
Thanks for this script..
BTW, I have some error with “BADIPS=$(egrep -v -E "^#|^$" /root/iptables/blocked.ips)”
with the -E switch… I changed it to -e and it works fine.
In egrep --help there is no -E option.
Ubuntu 10.04
Hi, I'm new to iptables. Where exactly should I write this script? Any help,
please.
Thanks, any help appreciated.
I want to allow just these IPs [10.0.0.100 – 10.0.0.112, 10.0.0.2, 10.0.0.3] and block other IPs. How is the configuration?
Please send to my email: nseshop@gmail.com
Thanks very much
hi
everybody now will come big platform
I think the rule
$IPT -I OUTPUT -j $SPAMLIST
is incorrect. Because in this case $ipblock is destination (-d), not source (-s)
How can I remove IPs from blocked?
Dear Reader,
you can remove an IP from the block with this short command:
#iptables -D INPUT -s 172.20.7.12 -j DROP
172.20.7.12 is an example; you can remove any IP that you want, just type it instead