Fli
09-27-2013, 10:04 PM
The commands for inserting and deleting IP from IPTables firewall are not easy to remember for everyone, so here is the shell, bash linux script which should make this task super easy without remembering the command.
Script:
echo "IPTables firewall - ban/unban IP, select operation
--------------------------------------------------
i = insert IP / ban it
d = delete IP / unban it
e = exit"
read choice
if [ $choice = "i" ];then
echo "You selected to Insert an IP into iptables - block it.
Please type IP address or IP range and hit enter to add it into iptables."
read ipadd
/sbin/iptables -I INPUT -s $ipadd -j DROP;
echo "Command to add IP to iptables (block it), was executed."
service iptables save;
elif [ $choice = "d" ];then
echo "You selected to Delete an IP from iptables - allow it.
Please type IP address or IP range and hit enter to remove it from iptables blocklist."
read ipadd
/sbin/iptables -D INPUT -s $ipadd -j DROP;
echo "- Command to delete IP from iptables (unblock it), was executed."
service iptables save;
else
echo "Complete. No changes made"
fi
to install this script, just create new file for it (nano iptables.sh;chmod +x iptables.sh;vi iptables.sh) and insert code. then run by sh iptables.sh or ./iptables.sh
The script is made around basic insert, delete iptables commands mentioned below.
You have good memory? Here are commands, no need to create script..
add IP to iptables (block)
1. /sbin/iptables -I INPUT -s IPADDRESS -j DROP;
2. iptables -I INPUT -s IPADDRESS -j DROP;
delete IP from iptables (unblock)
1. /sbin/iptables -D INPUT -s IPADDRESS -j DROP;
2. iptables -D INPUT -s IPADDRESS -j DROP;
-I = insert
-D = delete
DROP = trash connection without response
INPUT = probably incoming connection?
Script:
echo "IPTables firewall - ban/unban IP, select operation
--------------------------------------------------
i = insert IP / ban it
d = delete IP / unban it
e = exit"
read choice
if [ $choice = "i" ];then
echo "You selected to Insert an IP into iptables - block it.
Please type IP address or IP range and hit enter to add it into iptables."
read ipadd
/sbin/iptables -I INPUT -s $ipadd -j DROP;
echo "Command to add IP to iptables (block it), was executed."
service iptables save;
elif [ $choice = "d" ];then
echo "You selected to Delete an IP from iptables - allow it.
Please type IP address or IP range and hit enter to remove it from iptables blocklist."
read ipadd
/sbin/iptables -D INPUT -s $ipadd -j DROP;
echo "- Command to delete IP from iptables (unblock it), was executed."
service iptables save;
else
echo "Complete. No changes made"
fi
to install this script, just create new file for it (nano iptables.sh;chmod +x iptables.sh;vi iptables.sh) and insert code. then run by sh iptables.sh or ./iptables.sh
The script is made around basic insert, delete iptables commands mentioned below.
You have good memory? Here are commands, no need to create script..
add IP to iptables (block)
1. /sbin/iptables -I INPUT -s IPADDRESS -j DROP;
2. iptables -I INPUT -s IPADDRESS -j DROP;
delete IP from iptables (unblock)
1. /sbin/iptables -D INPUT -s IPADDRESS -j DROP;
2. iptables -D INPUT -s IPADDRESS -j DROP;
-I = insert
-D = delete
DROP = trash connection without response
INPUT = probably incoming connection?