  1. #1

    netstat still shows iptables blocked IPs

    netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
    shows connections from bad IP addresses like:


    I tried to block them one by one by:

    iptables -A INPUT -s 215.125.62.IPHERE -j DROP
    iptables -A INPUT -s -j DROP

    but with the command
    netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
    it still created connections from those IPs, and the server is getting overloaded and hangs.

    Any ideas, please?
    Last edited by postcd; 11-12-2013 at 10:32 AM.

  2. #2
    Linux Engineer
    Join Date
    Apr 2012
    Virginia, USA
    iptables rules work in the order they are submitted. Most likely, you have an input rule that is allowing all IPs in on PORT 80.

    You should use the -I (capital i) instead of -A to insert your rules at the top of the list to make sure they take precedence over the rules that allow the traffic in (such as allowing * on port 80, etc).
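
The rule-ordering point from the reply above, as an added example that is not part of the original thread: a small checker that reads `iptables -S INPUT` style text and reports which rule a given source IP and destination port hits first. The rule sets, the 203.0.113.7 address and the `first_match` helper are constructed for illustration; only `-s`, `--dport` and `-j` are interpreted.

```sh
#!/bin/sh
# Added example: which INPUT rule does a packet hit first?
# Input is `iptables -S INPUT` style text. Only -s, --dport and -j are interpreted
# (assumption: TCP traffic, no other match modules, no user-defined chains).

first_match() {  # usage: first_match SRC_IP DPORT < rules  -> prints "RULE_NO TARGET"
    awk -v ip="$1" -v dport="$2" '
    function ip2int(a,  o) { split(a, o, "."); return ((o[1]*256 + o[2])*256 + o[3])*256 + o[4] }
    function in_cidr(addr, cidr,  p, len, size) {
        split(cidr, p, "/"); len = (p[2] == "") ? 32 : p[2]
        size = 2 ^ (32 - len)
        return int(ip2int(addr) / size) == int(ip2int(p[1]) / size)
    }
    $1 == "-A" && $2 == "INPUT" {
        n++; src = ""; port = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s")      src = $(i+1)
            if ($i == "--dport") port = $(i+1)
            if ($i == "-j")      target = $(i+1)
        }
        if (src != "" && !in_cidr(ip, src)) next   # source does not match
        if (port != "" && port != dport)    next   # port does not match
        if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
            print n, target; found = 1; exit       # terminating target: evaluation stops
        }
    }
    END { if (!found) print "0 POLICY" }'
}

# Constructed rule sets (203.0.113.7 is a documentation address, not from the thread).
# After `iptables -A INPUT -s 203.0.113.7 -j DROP`: the block lands below the allow rule.
APPENDED='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 203.0.113.7/32 -j DROP'

# After `iptables -I INPUT -s 203.0.113.7 -j DROP`: the block becomes rule 1.
INSERTED='-P INPUT ACCEPT
-A INPUT -s 203.0.113.7/32 -j DROP
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'

printf '%s\n' "$APPENDED" | first_match 203.0.113.7 80
printf '%s\n' "$INSERTED" | first_match 203.0.113.7 80
```

On a live host, pipe the output of `iptables -S INPUT` (run as root) into `first_match` instead of the constructed text.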
