  1. #1
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    315

    IP is not banned by firewall. Why


    iptables -L

    DROP all -- 185.30.160.0/24 anywhere
    DROP all -- 185.30.0.160 anywhere
    DROP all -- protected.hyperfilter.com anywhere
    DROP all -- protected.hyperfilter.com anywhere

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    [root@* httpd]# vzctl exec 200 netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
    ..............
    248 185.30.160.22

    So 248 connections from that IP and it was not banned.
    Why, and how to ban it please?

    When I do iptables -I INPUT -s 185.30.160.22 -j DROP

    it only adds:
    DROP all -- protected.hyperfilter.com anywhere

    Thank you

  2. #2
    Just Joined!
    Join Date
    Nov 2013
    Posts
    18
    Hello, if you have an "ACCEPT" policy that includes the port the connection is using before the DROP, then it might be an issue.

    e.g. if you have ACCEPT for dport 80 before the DROP for source address, and the connection is using port 80, then the connection will establish.

    Also, kill the TCP connections, just to make sure.
    e.g: "tcpkill host 185.30.160.22"

    Also, you should consider adding a DROP rule for the IPv4 address in the OUTPUT table as well (destination).
    e.g.: "iptables -I OUTPUT -d 185.30.160.22 -j DROP"

    Hope that helps

  3. #3
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    315
    Thank you for the advice, I bookmarked it for future use. When trying tcpkill, I got:
    -bash: tcpkill: command not found
    yum install tcpkill - not found, whereis tcpkill, not found

  4. #4
    Just Joined!
    Join Date
    Nov 2013
    Posts
    18
    Quote: Originally Posted by postcd
    Thank you for the advice, I bookmarked it for future use. When trying tcpkill, I got:
    -bash: tcpkill: command not found
    yum install tcpkill - not found, whereis tcpkill, not found

    yum install dsniff

    should do it. This is a package that contains tcpkill and other network goodies.

  5. #5
    Just Joined!
    Join Date
    Aug 2009
    Location
    Mumbai, India
    Posts
    95
    Hi,

    Can you provide the output of the following command:
    Code:
    iptables -nvL
    185.30.160.22 is the IP you need to block?

    --Syd
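
Reply #2's point about rule order, as an added example that is not part of any post in the thread: iptables acts on the first terminating rule that matches, so an ACCEPT placed above a DROP wins. The script reads `iptables -S INPUT` style output, which lists rules in order with numeric addresses; the ruleset is constructed, and `first_match` and `sample_rules` are hypothetical helper names.

```shell
# first_match SRC_IP DPORT   (reads `iptables -S INPUT` style rules on stdin)
# Prints "<rule-number> <target>" for the first rule whose -s and --dport
# fields match, or "policy <target>" when no rule matches.
# Assumption: only -s, --dport and -j are interpreted; other matchers
# (-i, -m state, "!" negation) are ignored, so review the reported rule by hand.
first_match() {
    awk -v src="$1" -v dport="$2" '
    function ip2int(ip,   o) {            # dotted quad -> integer
        split(ip, o, ".")
        return o[1]*16777216 + o[2]*65536 + o[3]*256 + o[4]
    }
    function in_cidr(ip, cidr,   p, len, div) {
        split(cidr, p, "/")
        len = (p[2] == "") ? 32 : p[2]    # bare address means /32
        div = 2 ^ (32 - len)              # size of the network block
        return int(ip2int(ip) / div) == int(ip2int(p[1]) / div)
    }
    $1 == "-P" { policy = $3; next }      # chain default policy
    $1 == "-A" {
        n++; s = ""; d = ""; t = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s")      s = $(i+1)
            if ($i == "--dport") d = $(i+1)
            if ($i == "-j")      t = $(i+1)
        }
        if (s != "" && !in_cidr(src, s)) next   # source does not match
        if (d != "" && d != dport)       next   # port does not match
        if (t == "ACCEPT" || t == "DROP" || t == "REJECT") {
            print n, t; found = 1; exit
        }
    }
    END { if (!found) print "policy", policy }'
}

# Constructed sample ruleset (not the poster's real rules): a port-80 ACCEPT
# sits above the DROP rules for the address from the thread.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 185.30.160.0/24 -j DROP
-A INPUT -s 185.30.160.22/32 -j DROP
EOF
}

sample_rules | first_match 185.30.160.22 80    # -> 1 ACCEPT
sample_rules | first_match 185.30.160.22 22    # -> 2 DROP
```

On a live host the input would come from `iptables -S INPUT | first_match 185.30.160.22 80`.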
