My iptables don't work and don't block any IP


Your iptables rules are working and blocking all ports for the machine 66.85.48.9.

You can verify that the machine's IP is blocked by testing specific services and ports such as ssh for port 22, ftp for port 21, or telnet 66.85.48.9 80 to test the default web page port. In the telnet command, replace 66.85.48.9 with the IP of your server.

Your command doesn't block ping request. Use this rule to block the ping request of your other machine:

$ sudo iptables -A INPUT -s 66.85.48.9 -p icmp -j DROP

Note:
Since, from your output, you are running the Apache2 service, you can verify that access to it for machine 66.85.48.9 is blocked by your current rule.

Rules for preventing UDP flooding

In this example you can block UDP from all sources while providing access to the desired source, such as your DNS server. In this example, Google's DNS servers are permitted. Use the same method to allow access from any other IP you wish to allow.

# allow dns requests to google nameservers
iptables -A OUTPUT -p udp --dport 53 -d 8.8.8.8 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -d 8.8.4.4 -j ACCEPT
# block all other udp
iptables -A OUTPUT -p udp -j DROP
ip6tables -A OUTPUT -p udp -j DROP
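One thing worth checking before concluding a DROP rule "does not work" is where it sits in the chain: iptables stops at the first terminating rule, so a broader ACCEPT rule above the DROP wins. The script below is an added example, not part of the original answer; it predicts the INPUT verdict for a new packet from a given source using saved `iptables -S INPUT` output, and the two rulesets in it are constructed for illustration (it models only -s, -p, -i lo and --state/--ctstate; other matches are assumed to match).

```shell
#!/bin/sh
# Added example (not from the original post): predict the verdict the
# INPUT chain gives a NEW packet from a source IP, using saved
# `iptables -S INPUT` output. Handles -s (with /32), -p, -i lo and
# --state/--ctstate; other matches (ports, etc.) are assumed to match.

# Constructed rulesets. In the second one an ICMP ACCEPT rule was
# appended before the DROP, so the DROP never sees the ping.
RULES_OK='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 66.85.48.9/32 -j DROP
-A INPUT -s 66.85.48.9/32 -p icmp -j DROP'
RULES_MISORDERED='-P INPUT ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -s 66.85.48.9/32 -j DROP'

# first_verdict IP PROTO RULES -> prints the target of the first terminating
# rule that matches, or the chain policy if none does.
first_verdict() {
  printf '%s\n' "$3" | awk -v ip="$1" -v proto="$2" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      src = ""; p = ""; iface = ""; state = ""; target = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-s") src = $(i + 1)
        if ($i == "-p") p = $(i + 1)
        if ($i == "-i") iface = $(i + 1)
        if ($i == "--state" || $i == "--ctstate") state = $(i + 1)
        if ($i == "-j") target = $(i + 1)
      }
      sub(/\/32$/, "", src)
      if (src != "" && src != ip) next        # other source
      if (p != "" && p != proto) next         # other protocol
      if (iface == "lo") next                 # packet is not local
      if (state != "" && state !~ /NEW/) next # NEW packet, no conntrack entry
      if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
        verdict = target; found = 1; exit
      }
    }
    END { print (found ? verdict : policy) }'
}

first_verdict 66.85.48.9 icmp "$RULES_OK"          # DROP
first_verdict 66.85.48.9 icmp "$RULES_MISORDERED"  # ACCEPT: ping still answered
first_verdict 203.0.113.7 udp "$RULES_OK"          # ACCEPT (chain policy)
```

On a real host, feed it `iptables -S INPUT` output instead of the constructed variables, and compare the result with what `ping` or `telnet` from the other machine actually shows.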

Author: Obada Diab

Updated on September 18, 2022

Comments

  • Obada Diab over 1 year

    My iptables doesn't work and isn't blocking the IP.

    I tried to block this IP 66.85.48.9 using these rules:

    iptables -I INPUT -s 66.85.48.9 -j DROP
    iptables -I INPUT -d 66.85.48.9 -j DROP
    

    But when I ping my server's IP from that machine I get a reply, not a timeout.

    And this is my service status:

    root@vmi:~# service --status-all
     [ + ]  acpid
     [ - ]  anacron
     [ + ]  apache2
     [ + ]  apparmor
     [ ? ]  apport
     [ + ]  avahi-daemon
     [ + ]  bluetooth
     [ ? ]  console-setup
     [ + ]  cron
     [ + ]  cups
     [ + ]  cups-browsed
     [ - ]  dbus
     [ + ]  ddos
     [ ? ]  dns-clean
     [ - ]  fail2ban
     [ + ]  friendly-recovery
     [ + ]  gdm
     [ - ]  grub-common
     [ ? ]  irqbalance
     [ ? ]  killprocs
     [ ? ]  kmod
     [ ? ]  mysql
     [ ? ]  networking
     [ ? ]  ogp_agent
     [ ? ]  ondemand
     [ - ]  openbsd-inetd
     [ - ]  postfix
     [ ? ]  pppd-dns
     [ - ]  procps
     [ - ]  psad
     [ - ]  pulseaudio
     [ + ]  pure-ftpd
     [ ? ]  rc.local
     [ + ]  resolvconf
     [ - ]  rsync
     [ + ]  rsyslog
     [ + ]  saned
     [ ? ]  screen-cleanup
     [ ? ]  sendsigs
     [ + ]  ssh
     [ - ]  sudo
     [ + ]  udev
     [ ? ]  umountfs
     [ ? ]  umountnfs.sh
     [ ? ]  umountroot
     [ - ]  unattended-upgrades
     [ - ]  urandom
     [ - ]  x11-common
    
    • Apologician about 7 years
      It's possible that your blocked computer has more than one IP. If you run these commands and add the output to your question, the answer can be more definitive. From the blocking computer run these commands: (1) sudo iptables -L -n | egrep 66.85.48.9 (2) hostname -I. From the computer being blocked run these commands: (3) hostname -I (4) ping -c5 ip-of-server-computer. Replace ip-of-server-computer with the actual IP of your server computer. Append the output of each command to your question.
  • Obada Diab about 7 years
    Yes, that works now, but the UDP port is still not being blocked; he can make a UDP flood on my VPS even if he is blocked.
  • Apologician about 7 years
    Are you saying the machine can flood your port with the icmp drop rule in place?