Iptables General

From GreyWiki
Jump to: navigation, search

Here's a quick-and-dirty iptables command to drop a particular IP address. For instance, if some asshat is hammering our server with bogus POST requests attempting to spam the hell out of some unsuspecting blogger's trackback system somewhere. (Grrr.)

iptables -A INPUT -s XX.XX.XX.XX -j DROP

What's the current state of iptables?

iptables -S

Man, we hate spammers, even when they're not targeting us.

You know what else works, when we don't want to muck about with iptables?

route add -host XX.XX.XX.XX reject

This is sweet.