  1. #1

    netstat still shows iptables blocked IPs


    Code:
    netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
    shows connections from bad IP addresses like:

    215.125.62.*

    I tried to block them one by one with:

    Code:
    iptables -A INPUT -s 215.125.62.IPHERE -j DROP
    iptables -A INPUT -s 215.125.62.0/24 -j DROP

    but on the command
    Code:
    netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
    there are still connections from those IPs, and the server is getting overloaded and hanging.

    Any ideas please?
    Last edited by postcd; 11-12-2013 at 11:32 AM.

  2. #2
    Linux Engineer (Join Date: Apr 2012; Location: Virginia, USA; Posts: 947)
    iptables rules work in the order they are submitted. Most likely, you have an input rule that is allowing all IPs in on PORT 80.

    You should use the -I (capital i) instead of -A to insert your rules at the top of the list to make sure they take precedence over the rules that allow the traffic in (such as allowing * on port 80, etc).
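As an added illustration of the ordering point made in the answer (this is not code from either poster), the following Python models netfilter's first-match walk over an INPUT chain and shows why a DROP appended with -A behind a blanket port-80 ACCEPT is never reached, while the same rule inserted with -I at position 1 is. The chain contents are an assumption and the 215.125.62.0/24 network is taken from the question.

```python
import ipaddress
from typing import List, Optional, Tuple


class Rule:
    """One INPUT-chain rule: a source network (CIDR), an optional TCP dport, and a target."""

    def __init__(self, target: str, src: str = "0.0.0.0/0", dport: Optional[int] = None):
        self.target, self.src, self.dport = target, ipaddress.ip_network(src), dport

    def matches(self, src_ip: str, dport: int) -> bool:
        return ipaddress.ip_address(src_ip) in self.src and self.dport in (None, dport)


def verdict(chain: List[Rule], src_ip: str, dport: int, policy: str = "ACCEPT") -> Tuple[str, Optional[int]]:
    """First matching rule wins, as netfilter walks a chain; returns (target, 1-based rule index)."""
    for index, rule in enumerate(chain, start=1):
        if rule.matches(src_ip, dport):
            return rule.target, index
    return policy, None  # nothing matched: the chain policy decides


def web_server_chain() -> List[Rule]:
    # Constructed example: the kind of chain the answer suspects, accepting everyone on 80 and 443.
    return [Rule("ACCEPT", dport=80), Rule("ACCEPT", dport=443)]


def block_with_append(chain: List[Rule], network: str) -> List[Rule]:
    # Models: iptables -A INPUT -s <network> -j DROP  (lands after the ACCEPTs, never reached for :80)
    return chain + [Rule("DROP", src=network)]


def block_with_insert(chain: List[Rule], network: str) -> List[Rule]:
    # Models: iptables -I INPUT -s <network> -j DROP  (lands at position 1, evaluated first)
    return [Rule("DROP", src=network)] + chain


if __name__ == "__main__":
    bad_net = "215.125.62.0/24"
    print("-A:", verdict(block_with_append(web_server_chain(), bad_net), "215.125.62.10", 80))  # ('ACCEPT', 1)
    print("-I:", verdict(block_with_insert(web_server_chain(), bad_net), "215.125.62.10", 80))  # ('DROP', 1)
    # Note: even with the DROP in front, netstat keeps listing sockets that were already
    # ESTABLISHED before the rule was added until they time out; only new packets are dropped.
```

To see the real chain order on the box, compare against `iptables -L INPUT -n --line-numbers`, which prints rules in the order they are evaluated.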
