Linux & WebHosting Discussion and Support Forum

Full Version: How to block Ip ranges in Linux server
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Edward

Hi, 

Can any one let me know the exact command if I want to block the range 192.168.x.x ?
If you have CSF firewall Installed , then you can simply use the below format

Note : Please replace the ip and ip ranges with the needed ones

To block 192.xxx.xxx.xxx range, use following rule

# csf -d 192.0.0.0/8

To block 192.168.xxx.xxx range, use following rule

# csf -d 192.168.0.0/16

To block 192.168.1.xxx range, use following rule

# csf -d 192.168.1.0/24

If you have no extra firewall softwares installed, then you can block using the below iptables command


To block one single ip in iptables, use the below command

# iptables -I INPUT -s 192.168.1.1 -j DROP

To block 192.xxx.xxx.xxx range, use following rule

# iptables -I INPUT -s 192.0.0.0/8 -j DROP

To block 192.168.xxx.xxx range, use following rule

# iptables -I INPUT -s 192.168.0.0/16 -j DROP

To block 192.168.1.xxx range, use following rule

# iptables -I INPUT -s 192.168.1.0/24 -j DROP

To remove the ip blocks , you can use the below
    
# iptables -D INPUT -s 192.168.1.1 -j DROP

# iptables -D INPUT -s 192.168.1.0/24 -j DROP