Linux & WebHosting Discussion and Support Forum
How to block Ip ranges in Linux server - Printable Version

+- Linux & WebHosting Discussion and Support Forum (https://serveradminsupport.com/forum)
+-- Forum: News / Security Updates / Security Related stuffs (https://serveradminsupport.com/forum/forumdisplay.php?fid=17)
+--- Forum: Server Level / Application Level Hardening (https://serveradminsupport.com/forum/forumdisplay.php?fid=20)
+--- Thread: How to block Ip ranges in Linux server (/showthread.php?tid=6)



How to block Ip ranges in Linux server - Edward - 11-02-2016

Hi, 

Can any one let me know the exact command if I want to block the range 192.168.x.x ?


RE: How to block Ip ranges in Linux server - Techyllinux - 11-04-2016

If you have CSF firewall Installed , then you can simply use the below format

Note : Please replace the ip and ip ranges with the needed ones

To block 192.xxx.xxx.xxx range, use following rule

# csf -d 192.0.0.0/8

To block 192.168.xxx.xxx range, use following rule

# csf -d 192.168.0.0/16

To block 192.168.1.xxx range, use following rule

# csf -d 192.168.1.0/24

If you have no extra firewall softwares installed, then you can block using the below iptables command


To block one single ip in iptables, use the below command

# iptables -I INPUT -s 192.168.1.1 -j DROP

To block 192.xxx.xxx.xxx range, use following rule

# iptables -I INPUT -s 192.0.0.0/8 -j DROP

To block 192.168.xxx.xxx range, use following rule

# iptables -I INPUT -s 192.168.0.0/16 -j DROP

To block 192.168.1.xxx range, use following rule

# iptables -I INPUT -s 192.168.1.0/24 -j DROP

To remove the ip blocks , you can use the below
    
# iptables -D INPUT -s 192.168.1.1 -j DROP

# iptables -D INPUT -s 192.168.1.0/24 -j DROP