View Full Version : [ubuntu] Firewalling

May 13th, 2008, 07:56 PM

I am used to OpenBSD's pf and found that ufw is alright for extremely simple setups. Started with Linux server whith Ubuntu Server 8.04

I have a block-list that keeps a lot of hackers out and it looks something like this:
table <HACKERS> const {,,,,,,,,,,,,,,,,,, 192.116............

How do I put that in Linux packet filter?

May 13th, 2008, 08:39 PM
The packet filter in Linux is called netfilter and is usually managed with iptables

man iptables:

Iptables is used to set up, maintain, and inspect the tables of IP
packet filter rules in the Linux kernel. Several different tables may
be defined. Each table contains a number of built-in chains and may
also contain user-defined chains.

The common way of using iptables is by creating an init script with iptables statements, but there are also GUI frontends to iptables.

I don't know what the usual method is for blocking a list of addresses, but you could probably just do something like the following (in an init script) :

HACKERS=" 19...... "
for ADDR in $HACKERS; do
iptables -A INPUT -s $ADDR -j DROP #block traffic from $ADDR
iptables -A OUTPUT -d $ADDR -j DROP #block traffic towards $ADDR

If you prefer to maintain a list of addresses in a separate file, you can do

cat list_of_scriptkiddie_addresses | while read ADDR ; do
iptables ... $ADDR ......