Trying to block all traffic from a particular IP on my network to my unix box. I've tried the following commands:
iptables -A INPUT -s 192.168.0.6 -j DROP
iptables -A INPUT -j DROP -p tcp -s 192.168.0.6
When I view the iptables it says that it's blocked, but I am still able to ping and ssh into the unix box from 192.168.0.6.
What am I doing wrong?
Remember, it matters where in the list of rules your 'drop' rules are positioned. If there is a rule earlier which is permitting the traffic, then those packets match there and are never tested against your 'drop' rule.
Move your 'drop' rule (the -s foo w/o -p tcp is sufficient) to the top:
iptables -I INPUT 1 ...
That's a capital 'I'. The -A arg appends to the end of the list.
-c
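To make the first-match point concrete, here is an added example (not part of the reply above, and not real iptables) that models one chain's evaluation order and shows why an appended DROP behind an earlier ACCEPT never fires while the same rule inserted at position 1 does. The pre-existing "-p tcp ACCEPT" rule is an assumption standing in for whatever allow rule the poster already had.

```python
# Added example: a minimal model of iptables first-match evaluation for one
# chain. It is not iptables itself; it only reproduces why an appended (-A)
# DROP behind an earlier ACCEPT never matches, and why -I INPUT 1 fixes it.
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Rule:
    target: str                  # terminating target: ACCEPT or DROP
    src: Optional[str] = None    # -s <ip>; None matches any source
    proto: Optional[str] = None  # -p <proto>; None matches any protocol

    def matches(self, src: str, proto: str) -> bool:
        return (self.src is None or self.src == src) and \
               (self.proto is None or self.proto == proto)


@dataclass
class Chain:
    policy: str = "ACCEPT"       # chain default policy, used when nothing matches
    rules: list = field(default_factory=list)

    def append(self, rule: Rule) -> None:           # iptables -A INPUT ...
        self.rules.append(rule)

    def insert(self, pos: int, rule: Rule) -> None:  # iptables -I INPUT <pos> ... (1-based)
        self.rules.insert(pos - 1, rule)

    def verdict(self, src: str, proto: str) -> str:
        # Rules are tested top to bottom; the first matching rule decides and
        # the rules below it are never consulted.
        for rule in self.rules:
            if rule.matches(src, proto):
                return rule.target
        return self.policy


def appended_drop_verdict(proto: str = "tcp") -> str:
    """The poster's situation: an assumed earlier rule already accepts the traffic."""
    chain = Chain()
    chain.append(Rule("ACCEPT", proto=proto))       # assumed pre-existing allow rule
    chain.append(Rule("DROP", src="192.168.0.6"))   # iptables -A INPUT -s 192.168.0.6 -j DROP
    return chain.verdict("192.168.0.6", proto)      # -> "ACCEPT": the DROP sits behind the allow


def inserted_drop_verdict(proto: str = "tcp") -> str:
    """The fix from the reply: the same DROP inserted at the top of the chain."""
    chain = Chain()
    chain.append(Rule("ACCEPT", proto=proto))
    chain.insert(1, Rule("DROP", src="192.168.0.6"))  # iptables -I INPUT 1 -s 192.168.0.6 -j DROP
    return chain.verdict("192.168.0.6", proto)        # -> "DROP"
```

On a real box, `iptables -L INPUT -n --line-numbers` shows the actual order so you can confirm where the DROP landed relative to any allow rules.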
Applying Firewalls to Block Sites
I have internet access on a Linux server which acts as a gateway for other Windows and Linux clients. I want to apply a firewall on the Linux server to block certain sites. What commands should I use to block them? I used this command to block a site, say www.rediffmail.com:
ipchains -A input -s www.rediffmail.com -j DENY
The above command does not work. Even after applying it, we were able to open rediffmail from every client machine.
You may also want to do:
ipchains -I output -d www.rediffmail.com -j DENY
or possibly:
ipchains -I output -d www.rediffmail.com 80 -p tcp -y -j DENY