View Single Post
  #3  
Old 16th April 2013, 10:26
florian030 florian030 is offline
Senior Member
 
Join Date: Oct 2012
Posts: 252
Thanks: 8
Thanked 68 Times in 59 Posts
Default

Quote:

This is my script: for i in $(cat /etc/sysconfig/ip.ls)
do
iptables -I INPUT -s $i -j DROP
iptables -I INPUT -s $i -j LOG --log-prefix "Packet Input DROP:"
done

ip.ls is list of range of ips. like this:

2.60.0.0/14
If you would add a subnet to iptables, you have to masquerade it.
iptables -I INPUT -s "$i" -j DROP
__________________
regards
Florian

blog.schaal-24.de
Reply With Quote