[BlueOnyx:11904] Re: Need to remove a rejected IP

Fungal Style wayin at hotmail.com
Sat Jan 5 06:22:05 -05 2013 

Hi all...
 
I suspect this would not be an issue for a production machine, but iptables rules are removed if the server is restarted, correct?
 
Brian
 

> Date: Thu, 3 Jan 2013 19:06:26 -0500
> From: tigerwolf at tigerden.com
> To: blueonyx at mail.blueonyx.it
> Subject: [BlueOnyx:11896] Re: Need to remove a rejected IP
> 
> On Thu, 3 Jan 2013, Richard Barker wrote:
> 
> > I used this command to block an attacker
> > route add -net x.x.x.x netmask 255.255.255.255 reject
> >
> > if I do a netstat -nrl I get this
> > x.x.x.x - 255.255.255.255 !H - - - -
> >
> > How do I get it removed ?
> 
> I've found different versions of route are terribly picky about syntax,
> in particular, some demand the netmask portion, and some don't.
> 
> Try:
> 
> route del -net x.x.x.x netmask 255.255.255.255
> 
> and
> 
> route add -net x.x.x.x
> 
> Your particuar 'man route' man page may provide some clues.
> 
> If you don't want to reboot, you could take the interface down and bring
> it back up, though clearly you *DON'T* want to do this unless you have a
> console or alternate method of getting into and controlling the box as
> you could get locked out if things don't behave as they should.
> 
> Try:
> 
> service network restart
> 
> That should restart the network with the box's 'default' network settings
> and any manually entered, but otherwise unsaved routes should go away.
> 
> In general, iptables should be used to block attacks rather than adding
> null routes:
> 
> iptables -A INPUT -s <sourceIP(/netmask) -j DROP <--- -A adds rule
> 
> iptables -D INPUT -s <sourceIP(/netmask) -j DROP <--- -D deletes rule
> 
> Check man iptables for help on that.
> 
> =^_^= Tigerwolf
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20130105/49f0d6b5/attachment.html>

More information about the Blueonyx mailing list