Page 13 of 29
Results 121 to 130 of 286

Thread: HOWTO: Set a custom firewall (iptables) and Tips [Beginners edition]

  1. #121
    Join Date
    Nov 2005
    Location
    Slovenia, Ljubljana
    Beans
    61
    Distro
    Kubuntu 11.04 Natty Narwhal

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Can anybody tell me how to create a blacklist script that would drop all incoming requests from the IPs in the list deny_hosts.conf? How to read the file line by line, ignoring commented lines, and compare IPs to the ones from the list and DROP them?
    xDeveloper

    infotronika

  2. #122
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Give me your deny_hosts.conf and I will write you a Perl script to generate the corresponding iptables lines. This script will fill a file called iptables_black_list.bash, for example; then all you would have to do is add a line in your firewall script to execute this iptables_black_list.bash file.

  3. #123
    Join Date
    Nov 2005
    Location
    Slovenia, Ljubljana
    Beans
    61
    Distro
    Kubuntu 11.04 Natty Narwhal

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Great! I was struggling with bash, but it takes some time since I am nearly new to this.
    I'm actually using ubuntu-firewall now, since I had some unwelcome visitors that managed to get some server rights.
    Ubuntu firewall has an option, custom script file, that should point to it.
    The attached list deny_hosts.txt contains a relatively small number of bad IPs, but we can create some web service that would contain a bad list.

    deny_hosts.txt

    Thanks very much.
    xDeveloper

    infotronika

  4. #124
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    If you understand the guide, you can write your own script rather than using ubuntu-firewall, which helps you to create it.

    Anyway, here is the script (at the bottom of the post, remove the .txt extension). Download it, then give it execute rights, and finally put it under /usr/bin/. Then, to use it, type this:
    Code:
    deny-ip-generator.pl <deny-ip text files> <output file>
    where the first parameter is your input text file or the path to your input text file and the second is the output file or the path to the output file which is your custom iptables script.
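
    One way to build the generator that posts #121 to #124 describe, as an added example (it is not the attached deny-ip-generator.pl, which is not shown on this page). It assumes a list with one IPv4 address or CIDR block per line and `#` comments; the function names and the default INPUT chain are hypothetical. Every entry is validated before it is written, because the generated file is later executed as root.

```sh
#!/bin/sh
# Added example. Assumed list format (the thread's deny_hosts.txt is not shown):
# one IPv4 address or CIDR block per line, '#' starts a comment.

# valid_ipv4_cidr ADDR: succeed only for a.b.c.d or a.b.c.d/n with sane ranges.
valid_ipv4_cidr() {
    addr=$1
    case $addr in
        */*) ip=${addr%/*}; prefix=${addr##*/} ;;
        *)   ip=$addr; prefix=32 ;;
    esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    # Digits and dots only, no empty octets; this also makes 'set --' glob-safe.
    case $ip in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $ip
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        # Reject over-long octets and leading zeros (some parsers read octal).
        case $o in ????*|0?*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# gen_blacklist INPUT OUTPUT [CHAIN]: write one DROP rule per valid entry to
# OUTPUT and print the number of rules written.
gen_blacklist() {
    input=$1; output=$2; chain=${3:-INPUT}; n=0
    {
        echo '#!/bin/sh'
        while IFS= read -r line || [ -n "$line" ]; do
            line=${line%%#*}                              # strip comments
            line=$(printf '%s' "$line" | tr -d ' \t\r')   # strip blanks and CR
            [ -n "$line" ] || continue
            if valid_ipv4_cidr "$line"; then
                echo "iptables -A $chain -s $line -j DROP"
                n=$((n + 1))
            else
                printf 'skipped invalid entry: %s\n' "$line" >&2
            fi
        done < "$input"
    } > "$output"
    chmod 700 "$output"
    echo "$n"
}
```

    Entries that fail validation are reported on stderr and never reach the output file, so a list fetched from elsewhere cannot inject shell commands into the rules script.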

  5. #125
    Join Date
    Nov 2005
    Location
    Slovenia, Ljubljana
    Beans
    61
    Distro
    Kubuntu 11.04 Natty Narwhal

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Thanks very much. I did write my own wall, as I started with 5.04, but adding some advanced functionality gave me a struggle. So it was easier to install ubuntu firewall. Basically I'm short of time since my basic job is coding some other stuff. I was quite shocked that I had guests in my server, but the good thing is that only few of them got in. 2 too many. thx
    xDeveloper

    infotronika

  6. #126
    Join Date
    May 2007
    Location
    Athens, Georgia
    Beans
    49
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Thanks a bunch for this great guide!

    I connect to an ADSL connection via PPPoE (using pppoeconf), and none of the iptables front ends seem to let me connect. Your instructions worked perfectly, though, and now the test sites report me as completely stealthed.


    A few questions about setting up rules for Gizmo:

    1. On this page, they describe the ports and services needed. If I see something like this, do I need to edit the script?

    2. If so, when they say some ports are for "incoming" and some for "outgoing", does that mean I need to choose between dport and sport in my rules? (Which is which?)

    3. How does one specify a rule allowing for "All outgoing UDP ports above 1023"?

    TIA
    Last edited by Adam590; October 2nd, 2007 at 01:37 PM.

  7. #127
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    1- First try and see if the app works; if it works, no need to modify anything. If it doesn't work, you will need to edit the script.

    2- The script I provide in the first post only blocks incoming traffic, so you only have to consider incoming ports.
    So the rules you would have to add if it doesn't work by default would be something like:
    Code:
    iptables -A TRUSTED -i eth0 -p udp -m udp --dport 5004 -j ACCEPT
    iptables -A TRUSTED -i eth0 -p udp -m udp --dport 5005 -j ACCEPT
    iptables -A TRUSTED -i eth0 -p udp -m udp --dport 64064 -j ACCEPT
    As for using dport or sport, it depends on the context but not on the nature of the packet (incoming or outgoing). If you don't know which one to choose, try one, and if it doesn't work, try the other; not really painful.

    And my secret tip: because iptables is widely used, if you perform a Google search with "iptables" and "gizmo" as keywords, I'm quite sure you will find the rules you need.
    Here is what I found:
    http://www.voipplanet.com/background...le.php/3638086

    3- In case you are filtering outgoing traffic (which you don't), it would be:
    Code:
    iptables -A OUTPUT -p udp --dport 1024:65535 -j ACCEPT
    Last edited by frodon; October 2nd, 2007 at 01:53 PM.

  8. #128
    Join Date
    May 2007
    Location
    Athens, Georgia
    Beans
    49
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Right - forgot to mention Gizmo wasn't (and still isn't) working, but it's good to know what the problem is not. Thanks for the info and tips.

  9. #129
    Join Date
    Oct 2007
    Beans
    64

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Hi, I'm trying to follow your firewall guide, but when I try to start the firewall it either says the file does not exist or it says
    : command not found
    : command not found
    'irewall: line 6:syntax error near unexpected token '{
    'irewall: line 6: 'start() {

    What am I doing wrong here?

  10. #130
    Join Date
    Aug 2007
    Location
    Missouri
    Beans
    Hidden!
    Distro
    Gutsy Gibbon Testing

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Wow, great how-to. I put it on StumbleUpon, so you should start getting more hits now.
