Ubuntu Nederlands

for x in black_list:
        iptables('-A OUTPUT -d '+x+' -j DROP')
        iptables('-A INPUT -s '+x+' -j DROP')
        print "BLACKED "+x
mickvdv@server2:~/teux-firewall$ sudo iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     icmp --  anywhere             anywhere            state NEW 
LOG        all  --  anywhere             anywhere            LOG level warning 
DROP       all  --  anywhere             anywhere            state INVALID 
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG 
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG 
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE 
DROP       tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN,RST 
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN/FIN,SYN 
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,ACK/FIN 
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www state NEW 
DROP       all  --  168.168.1.5          anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere            state INVALID 

Chain OUTPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     icmp --  anywhere             anywhere            state NEW 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain state NEW 
LOG        all  --  anywhere             anywhere            LOG level warning 
DROP       all  --  anywhere             anywhere            state INVALID 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh state NEW 
DROP       all  --  anywhere             168.168.1.5

Ubuntu Nederlands

Aankondiging

#1 02-07-2008 15:24:51

IPTABLES ip blocken

Code:

Code:

#2 02-07-2008 17:29:34

Re: IPTABLES ip blocken

#3 02-07-2008 22:34:24

Re: IPTABLES ip blocken

#4 03-07-2008 01:36:39

Re: IPTABLES ip blocken

#5 03-07-2008 10:05:19

Re: IPTABLES ip blocken

#6 03-07-2008 12:26:26

Re: IPTABLES ip blocken

Bulletin Board voettekst