0

I run a webserver that caters to an entirely local crowd, so to keep hacking attempts to a minimum, I have inserted a bunch of international IP-blocking rules into my iptables, but my filters don't seem to be working.

For instance, in the *filter section I have the following rule:

-A INPUT -s 101/8 -p tcp -m tcp -j DROP

as part of the set of rules to filter out international traffic.

But I find repeated login attempts from this address: 101.227.170.42 in my lastb output.

Shouldn't the iptables rule filter out these attempts?

Improve this question

1 Answer 1

Reset to default
1

Try specifying the entire netblock in iptables, like so:

-A INPUT -s 101.0.0.0/8 -j DROP

Also, the order of the rules in iptables is important, as is the "default policy" (i.e. DROP, ALLOW, etc.).

Improve this answer
0

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.