My iptables doesn't work and doesn't block any IP
Your iptables rules are working and blocking all ports for the machine 66.85.48.9.
You can verify that the machine's IP is blocked by testing specific services and ports such as ssh for port 22, ftp for port 21, or telnet 66.85.48.9 80 to test the default web page port. In the telnet command replace 66.85.48.9 with the IP of your server.
Your command doesn't block ping requests. Use this rule to block ping requests from your other machine:
$ sudo iptables -A INPUT -s 66.85.48.9 -p icmp -j DROP
Note: Since your output shows that you are running the Apache2 service, you can verify that access to it for machine 66.85.48.9 is blocked by your current rule.
Rules for preventing UDP flooding
In this example you can block UDP from all sources while providing access to the desired source, such as your DNS server. In this example, Google's DNS servers are permitted. Use the same method to allow access from any other IP you wish to allow.
# allow dns requests to google nameservers
iptables -A OUTPUT -p udp --dport 53 -d 8.8.8.8 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -d 8.8.4.4 -j ACCEPT
# block all other udp
iptables -A OUTPUT -p udp -j DROP
ip6tables -A OUTPUT -p udp -j DROP
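As an added example (not code from the original answer or its author), here is a POSIX shell script that applies the rules above idempotently (an iptables -C check before each -A, dry run unless APPLY=1) and includes the check a practitioner wants after adding a block rule: it reads iptables -L INPUT -n -v output and reports whether a source address really has a DROP rule and what that rule's packet counter shows. The variable names BLOCKED_IP, DNS_SERVERS and APPLY, and the sample listing inside the script, are this example's own constructions.

```shell
#!/bin/sh
# Added example, not code from the original answer. Applies the rules from
# the answer idempotently and checks, from `iptables -L INPUT -n -v` output,
# whether a source address really has a DROP rule and whether that rule has
# matched any packets. BLOCKED_IP, DNS_SERVERS, APPLY and the sample listing
# below are names and data constructed for this example.

BLOCKED_IP="${BLOCKED_IP:-66.85.48.9}"
DNS_SERVERS="${DNS_SERVERS:-8.8.8.8 8.8.4.4}"

# ipt_add CHAIN RULE...: append the rule only if it is not already present
# (-C returns 0 when an identical rule exists). With APPLY=1 the rule is
# applied (requires root); otherwise the command is only printed (dry run).
ipt_add() {
    chain=$1
    shift
    if [ "${APPLY:-0}" = "1" ]; then
        iptables -C "$chain" "$@" 2>/dev/null || iptables -A "$chain" "$@"
    else
        echo "iptables -A $chain $*"
    fi
}

# build_rules: the rule set from the answer. The ICMP rule is listed before
# the catch-all DROP so its own packet counter shows ping attempts separately;
# the catch-all then drops every other protocol from the host. Outbound UDP
# is limited to DNS queries to the listed resolvers.
build_rules() {
    ipt_add INPUT -s "$BLOCKED_IP" -p icmp -j DROP
    ipt_add INPUT -s "$BLOCKED_IP" -j DROP
    for resolver in $DNS_SERVERS; do
        ipt_add OUTPUT -p udp --dport 53 -d "$resolver" -j ACCEPT
    done
    ipt_add OUTPUT -p udp -j DROP
}

# is_dropped IP: read `iptables -L INPUT -n -v` output on stdin. Columns are
# pkts bytes target prot opt in out source destination. Prints the packet
# counter of every DROP rule whose source is IP (or IP/32) and returns 0 if
# at least one exists, 1 otherwise. A counter that stays at 0 while the host
# keeps pinging means the traffic is not reaching this rule (different source
# address than expected, NAT in between, or an earlier ACCEPT rule).
is_dropped() {
    awk -v ip="$1" '
        $1 ~ /^[0-9]+[KMG]?$/ && $3 == "DROP" && ($8 == ip || $8 == (ip "/32")) {
            print $1; found = 1
        }
        END { exit found ? 0 : 1 }'
}

# sample_listing: constructed output in the shape of `iptables -L INPUT -n -v`
# on a host where the two INPUT rules above were applied.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT 1234 packets, 567K bytes)
 pkts bytes target     prot opt in     out     source               destination
   17  1428 DROP       icmp --  *      *       66.85.48.9           0.0.0.0/0
   42  3528 DROP       all  --  *      *       66.85.48.9           0.0.0.0/0
EOF
}

# Stand-alone run: print the rules (dry run) and verify against the sample.
# On a real host replace sample_listing with: iptables -L INPUT -n -v
build_rules
if sample_listing | is_dropped "$BLOCKED_IP" >/dev/null; then
    echo "$BLOCKED_IP is dropped in INPUT"
else
    echo "no DROP rule for $BLOCKED_IP in INPUT"
fi
```

Run the script as-is to see the commands it would add and the check against the sample listing. On the server, apply with APPLY=1 as root, then pipe the real listing into is_dropped while the other machine pings: the counters should climb. If they stay at 0, the packets are arriving with a different source address than the one in the rule, which is exactly what the hostname -I and ping checks asked for in the comments below would reveal.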
Obada Diab
Updated on September 18, 2022
Comments
-
Obada Diab over 1 year
My iptables doesn't work and doesn't block IPs. I try to block this IP 66.85.48.9 using these rules:
iptables -I INPUT -s 66.85.48.9 -j DROP
iptables -I INPUT -d 66.85.48.9 -j DROP
but when I ping my server IP from that IP machine I get a reply, not timed out.
And this is my service status:
root@vmi:~# service --status-all [ + ] acpid [ - ] anacron [ + ] apache2 [ + ] apparmor [ ? ] apport [ + ] avahi-daemon [ + ] bluetooth [ ? ] console-setup [ + ] cron [ + ] cups [ + ] cups-browsed [ - ] dbus [ + ] ddos [ ? ] dns-clean [ - ] fail2ban [ + ] friendly-recovery [ + ] gdm [ - ] grub-common [ ? ] irqbalance [ ? ] killprocs [ ? ] kmod [ ? ] mysql [ ? ] networking [ ? ] ogp_agent [ ? ] ondemand [ - ] openbsd-inetd [ - ] postfix [ ? ] pppd-dns [ - ] procps [ - ] psad [ - ] pulseaudio [ + ] pure-ftpd [ ? ] rc.local [ + ] resolvconf [ - ] rsync [ + ] rsyslog [ + ] saned [ ? ] screen-cleanup [ ? ] sendsigs [ + ] ssh [ - ] sudo [ + ] udev [ ? ] umountfs [ ? ] umountnfs.sh [ ? ] umountroot [ - ] unattended-upgrades [ - ] urandom [ - ] x11-common
-
Apologician about 7 years
It's possible that your blocked computer has more than one IP. If you run these commands and add the output to your question, the answer can be more definitive. From the blocking computer run these commands: (1) sudo iptables -L -n | egrep 66.85.48.9 (2) hostname -I. From the computer being blocked run these commands: (3) hostname -I (4) ping -c5 ip-of-server-computer. Replace ip-of-server-computer with the actual IP of your server computer. Append the output of each command to your question.
-
Obada Diab about 7 years
Yes, that works now, but still the UDP port is not blocked; he can make a UDP flood on my VPS even though he is blocked.
-
Apologician about 7 years
Are you saying the machine can flood your port with the icmp drop rule in place?