Iptables: script to block selected or specific ip addresses

Friday, 16 February 2007 00:24
This script can help you secure your server against attackers or bots. Add the IP addresses you want to block to a file, one per line, and run the script. Iptables will do the rest.
#!/bin/sh
#
# ip_block.sh
#
# block ip addresses from a blacklist
#
# www.r71.nl
# 20070215
#####################################

# file with one ip address per line that you want to block
BLOCKDB="/root/block_ip_list"

IPTABLES=/sbin/iptables

# show and remove duplicate ip addresses from the block_ip_list file
echo "Removing duplicate ip addresses from block_ip_list:"
sort "$BLOCKDB" | uniq -c | grep -v " 1 " | grep -v '^$'
# sort -u -o reads the whole file before rewriting it;
# "sort | uniq > file" would empty the list before sort has read it
sort -u -o "$BLOCKDB" "$BLOCKDB"

# every line that does not start with # is treated as an address
IPS=$(grep -Ev "^#" "$BLOCKDB")
counter=0

for i in $IPS
do
    counter=$((counter+1))
    # drop traffic from and to the listed address
    $IPTABLES -A INPUT -s "$i" -j DROP
    $IPTABLES -A OUTPUT -d "$i" -j DROP
done

echo
echo
echo "Number of blocked IP addresses: $counter"
echo "Have a secure day!"
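The script above hands every line of the list to iptables unchecked and appends a fresh set of rules on each run. As an added example (not part of the original script), the variant below validates each entry as an IPv4 address or CIDR range and prints the commands for a dedicated chain, flushed first so that reruns do not duplicate rules; the chain name IPBLOCK and both function names are assumptions.

```shell
#!/bin/sh
# Added example, not the original ip_block.sh. IPBLOCK is a hypothetical chain name.
CHAIN="IPBLOCK"

# Return 0 only for a dotted-quad IPv4 address with an optional /0-32 prefix.
is_valid_ipv4() {
    case "$1" in
        ""|*[!0-9./]*|*/*/*) return 1 ;;      # only digits, dots, at most one slash
    esac
    addr=${1%%/*}
    if [ "$addr" != "$1" ]; then
        prefix=${1#*/}
        case "$prefix" in ""|*[!0-9]*|???*|0?*) return 1 ;; esac
        [ "$prefix" -le 32 ] || return 1
    fi
    case "$addr" in *.) return 1 ;; esac      # a trailing dot would be lost in the split
    old_ifs=$IFS; IFS=.
    set -- $addr                              # split the address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # reject empty, over-long and zero-padded octets (parsers differ on octal)
        case "$octet" in ""|????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the commands that rebuild $CHAIN from the list file named in $1.
# Nothing is executed here: review the output, then pipe it to sh as root.
emit_block_rules() {
    echo "iptables -N $CHAIN 2>/dev/null"
    echo "iptables -F $CHAIN"                 # flush, so reruns add no duplicates
    sed -e 's/#.*//' -e 's/[[:space:]]//g' "$1" | sort -u | while read -r ip; do
        [ -n "$ip" ] || continue
        if is_valid_ipv4 "$ip"; then
            echo "iptables -A $CHAIN -s $ip -j DROP"
            echo "iptables -A $CHAIN -d $ip -j DROP"
        else
            echo "skipped invalid entry: $ip" >&2
        fi
    done
    for hook in INPUT OUTPUT; do
        echo "iptables -C $hook -j $CHAIN 2>/dev/null || iptables -I $hook -j $CHAIN"
    done
}

if [ $# -gt 0 ]; then emit_block_rules "$1"; fi
```

Run it as `sh script /root/block_ip_list`; rejected entries are reported on stderr, so they never reach the generated commands.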