Feed on

IP blacklist on linux

My last post described in detail the steps to effectively block all network traffic from an attacking IP. Here’s how to block an IP in linux:

iptables -A INPUT -s IP-To-Block -j DROP
iptables -A INPUT -d IP-To-Block -j DROP

Of course, that takes advantage of the built-in linux firewall. We didn’t use the built-in Windows firewall in the last post, so maybe it’s unfair to take advantage of a firewall on linux. As such, here’s how to block the IP on linux in the same manner we blocked it on Windows (by adjusting the routing tables):

route add IP-To-Block dev lo

Leave a Reply