Hi all...

I suspect this would not be an issue for a production machine, but iptables rules are removed if the server is restarted, correct?

Brian

> Date: Thu, 3 Jan 2013 19:06:26 -0500
> From: tigerw...@tigerden.com
> To: blueonyx@mail.blueonyx.it
> Subject: [BlueOnyx:11896] Re: Need to remove a rejected IP
>
> On Thu, 3 Jan 2013, Richard Barker wrote:
>
> > I used this command to block an attacker
> > route add -net x.x.x.x netmask 255.255.255.255 reject
> >
> > if I do a netstat -nrl I get this
> > x.x.x.x - 255.255.255.255 !H - - - -
> >
> > How do I get it removed ?
>
> I've found different versions of route are terribly picky about syntax,
> in particular, some demand the netmask portion, and some don't.
>
> Try:
>
> route del -net x.x.x.x netmask 255.255.255.255
>
> and
>
> route add -net x.x.x.x
>
> Your particular 'man route' man page may provide some clues.
>
> If you don't want to reboot, you could take the interface down and bring
> it back up, though clearly you *DON'T* want to do this unless you have a
> console or alternate method of getting into and controlling the box as
> you could get locked out if things don't behave as they should.
>
> Try:
>
> service network restart
>
> That should restart the network with the box's 'default' network settings
> and any manually entered, but otherwise unsaved routes should go away.
>
> In general, iptables should be used to block attacks rather than adding
> null routes:
>
> iptables -A INPUT -s <sourceIP(/netmask)> -j DROP <--- -A adds rule
>
> iptables -D INPUT -s <sourceIP(/netmask)> -j DROP <--- -D deletes rule
>
> Check man iptables for help on that.
>
> =^_^= Tigerwolf
> _______________________________________________
> Blueonyx mailing list
> Blueonyx@mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
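
On the persistence question in this thread: rules added with `iptables -A` exist only in the running kernel tables and do not survive a reboot unless they are saved. The script below is an added example, not part of the original messages; it compares `iptables-save` output with a saved rules file and lists the DROPped sources that have not been saved. The function names, the sample addresses and the saved-file path are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread. Lists source addresses that the running
# INPUT chain DROPs but the saved rules file does not, i.e. blocks that would
# be lost on reboot. Input is iptables-save format.

# Print the source of every "-A INPUT ... -s SRC ... -j DROP" rule on stdin.
drop_sources() {
    awk '$1 == "-A" && $2 == "INPUT" {
        src = ""; tgt = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s" && $(i - 1) != "!") src = $(i + 1)  # skip negated "! -s"
            if ($i == "-j") tgt = $(i + 1)
        }
        if (src != "" && tgt == "DROP") {
            sub(/\/32$/, "", src)  # single hosts may print as a.b.c.d/32
            print src
        }
    }' | sort -u
}

# unsaved_drops RUNNING SAVED: sources dropped in RUNNING but absent from SAVED.
unsaved_drops() {
    ud_run=$(mktemp); ud_sav=$(mktemp)
    drop_sources < "$1" > "$ud_run"
    drop_sources < "$2" > "$ud_sav"
    comm -23 "$ud_run" "$ud_sav"
    rm -f "$ud_run" "$ud_sav"
}

# Constructed sample data (documentation address ranges), so this runs offline.
demo() {
    d=$(mktemp -d)
    cat > "$d/running" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 192.0.2.10/32 -j DROP
-A INPUT -s 198.51.100.0/24 -j DROP
-A INPUT -s 203.0.113.5/32 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
    cat > "$d/saved" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 198.51.100.0/24 -j DROP
COMMIT
EOF
    unsaved_drops "$d/running" "$d/saved"
    rm -rf "$d"
}
demo   # prints 192.0.2.10
# Live use as root (saved-file path is an assumption, RHEL/CentOS style):
#   iptables-save > /tmp/running && unsaved_drops /tmp/running /etc/sysconfig/iptables
```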