cara Blokir IP di Linux

Cara Blokir IP di Linux Dengan IPTABLES

Posted on

The following command will drop any packet coming from the IP address

/sbin/iptables -I INPUT -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -s -j DROP

You can also specify an interface such as eth1 via which a packet was received:

/sbin/iptables -I INPUT -i {INTERFACE-NAME-HERE} -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -i eth1 -s -j DROP

Please note that when the “!” argument is used before the interface name, the sense is inverted:

/sbin/iptables -I INPUT ! -i {INTERFACE-NAME-HERE} -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT ! -i eth1 -s -j DROP

If the interface name ends in a “+”, then any interface which begins with this name will match. If this option is omitted, any interface name will match:

/sbin/iptables -I INPUT -i {INTERFACE-NAME-HERE}+ -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -i br+ -s -j DROP

You can replace -I INPUT (insert) with -A INPUT (append) rule as follows:

/sbin/iptables -A INPUT -s -j DROP
/sbin/iptables -i eth1 -A INPUT -s -j DROP

How Do I Block Subnet (xx.yy.zz.ww/ss)?

Use the following syntax to block on eth1 public interface:
# /sbin/iptables -i eth1 -A INPUT -s -j DROP

How Do I Block and Log Dropped IP Address Information?

You can turn on kernel logging of matching packets with LOG target as follows:

# /sbin/iptables -i eth1 -A INPUT -s -j LOG --log-prefix "IP DROP SPOOF A:"

Leave a Reply

Your email address will not be published. Required fields are marked *