HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

r4faga 6th April 2013 00:01

Error when drop ips with script on iptables.
 
Hello...

I made a simple script to drop multiple IPs on iptables to be banned. But I can't drop them now.

It gives this error: iptables: Memory allocation problem.

I have 8 GB of RAM, so it is impossible that it's a problem of lack of memory.

I have CentOS + ISPConfig (I used The Perfect Server - CentOS 6.3 x86_64 (Apache2, Courier, ISPConfig 3)).

This is my script:

for i in $(cat /etc/sysconfig/ip.ls)
do
    iptables -I INPUT -s $i -j DROP
    iptables -I INPUT -s $i -j LOG --log-prefix "Packet Input DROP:"
done

ip.ls is a list of IP ranges, like this:

But when I run the script, it records some IPs and seconds later the error appears:

iptables: Memory allocation problem.
iptables: Memory allocation problem.
iptables: Memory allocation problem.
iptables: Memory allocation problem.
iptables: Memory allocation problem.
iptables: Memory allocation problem.
iptables: Memory allocation problem.

and I have to cancel the script.

Any idea?

Thanks...

victorbell 16th April 2013 08:06

I will have to study this for some time as I have no idea about this. But I will soon find out a solution and let you know.

florian030 16th April 2013 09:26

Quote:

This is my script:

for i in $(cat /etc/sysconfig/ip.ls)
do
    iptables -I INPUT -s $i -j DROP
    iptables -I INPUT -s $i -j LOG --log-prefix "Packet Input DROP:"
done

ip.ls is a list of IP ranges, like this:

2.60.0.0/14

If you would add a subnet to iptables, you have to masquerade it.
iptables -I INPUT -s "$i" -j DROP
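
Added example, not part of any post in this thread and not a confirmed fix for the error reported above: one way to check each entry of a list like ip.ls before it reaches iptables, and to hand all rules over in a single batch instead of two iptables calls per entry. The function names, the sample entries (documentation ranges) and the use of iptables-restore --noflush are assumptions of this example.

```sh
#!/bin/sh
# Added example, not from the thread: CIDR list -> one iptables-restore batch.
# valid_cidr A.B.C.D/N -> status 0 only for a well-formed IPv4 network
valid_cidr() {
    addr=${1%/*}; prefix=${1#*/}
    [ "$addr/$prefix" = "$1" ] || return 1      # exactly one "/" required
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr                                # split address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_batch FILE -> restore-format rules on stdout, rejected lines on stderr
build_batch() {
    echo '*filter'
    # Strip CRs and comments, drop duplicates, read one entry per line.
    tr -d '\r' < "$1" | sed 's/#.*//' | sort -u |
    while read -r net rest; do
        [ -n "$net" ] || continue
        if [ -n "$rest" ] || ! valid_cidr "$net"; then
            echo "skipped: $net $rest" >&2
            continue
        fi
        # Same order as the thread's script: with -I, the LOG rule inserted
        # second ends up above its DROP rule, so the packet is logged first.
        printf '%s\n' "-I INPUT -s $net -j DROP"
        printf '%s\n' "-I INPUT -s $net -j LOG --log-prefix \"Packet Input DROP:\""
    done
    echo 'COMMIT'
}

# Constructed sample input: documentation ranges plus deliberately bad lines
sample_list() {
    printf '%s\n' '# blocklist' '192.0.2.0/24' '198.51.100.0/24' \
        '192.0.2.0/24' '203.0.113.0/25 # trailing comment' \
        '300.1.2.0/24' '198.51.100.0/33' '203.0.113.9' '*'
}

# Demo: print the batch for the sample. On a real host the output would be
# piped, as root, into: iptables-restore --noflush
list=$(mktemp) && sample_list > "$list" && build_batch "$list"
rm -f "$list"
```

The validator requires an explicit prefix length, so a bare host address in the list is reported as skipped rather than loaded.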


All times are GMT +2.