Block IPs through iptables

WARNING: The following code will REPLACE your existing firewall rules, because it uses iptables-restore to load hundreds of individual IP rules into the INPUT chain very quickly.

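#!/bin/sh
# Remove lists left over from a previous run, then download and unpack the current one.
rm -f /root/listed_ip_*
wget -q -c --no-cache -P /root/ --output-document=/root/
unzip /root/ > /dev/null

# BLOCKDB must name the unpacked list file; abort if it is not set.
: "${BLOCKDB:?set BLOCKDB to the unpacked list file}"

# Build a complete filter table; iptables-restore flushes the existing rules when it loads it.
echo "*filter" >/tmp/iptables-save
echo ":INPUT ACCEPT [0:0]" >>/tmp/iptables-save
echo ":FORWARD ACCEPT [0:0]" >>/tmp/iptables-save
echo ":OUTPUT ACCEPT [0:0]" >>/tmp/iptables-save

# One DROP rule per listed address (lines starting with # are comments), TCP port 80 only.
IPS=$(grep -Ev "^#" "$BLOCKDB")
for i in $IPS
do
    echo "-A INPUT -s $i/32 -p tcp -m tcp --dport 80 -j DROP" >>/tmp/iptables-save
done
echo "COMMIT" >>/tmp/iptables-save
iptables-restore </tmp/iptables-save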
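
A variant that avoids the rule replacement warned about above and does not trust the downloaded list, as an added example that is not the original post's code: it validates every entry as an IPv4 address and loads the rules into a dedicated chain with `iptables-restore --noflush`. The chain name `BLOCKLIST` and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example. CHAIN and the function names are assumptions, not from the post.
CHAIN=BLOCKLIST

# is_ipv4 ADDR: succeed only for a strict dotted quad (octets 0-255, no leading zeros).
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*|0[0-9]*|*.0[0-9]*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_ruleset FILE: print iptables-restore input that fills only $CHAIN.
build_ruleset() {
    echo "*filter"
    echo ":$CHAIN - [0:0]"
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | tr -d '\r')   # tolerate CRLF lists
        case "$line" in ''|'#'*) continue ;; esac
        # Anything that is not a plain address is dropped, never written as a rule.
        if is_ipv4 "$line"; then
            echo "-A $CHAIN -s $line/32 -p tcp -m tcp --dport 80 -j DROP"
        fi
    done < "$1"
    echo "COMMIT"
}

# apply_ruleset FILE: load the chain without touching other rules (needs root).
apply_ruleset() {
    rules=$(mktemp) || return 1        # unpredictable name, unlike /tmp/iptables-save
    build_ruleset "$1" > "$rules"
    # --test parses without committing; --noflush keeps all other chains as they are.
    if iptables-restore --noflush --test < "$rules" &&
       iptables-restore --noflush < "$rules"; then
        # Hook the chain into INPUT once; -C checks whether the jump exists.
        iptables -C INPUT -j "$CHAIN" 2>/dev/null || iptables -I INPUT -j "$CHAIN"
        status=$?
    else
        status=1
    fi
    rm -f "$rules"
    return "$status"
}

if [ "${1:-}" = "--apply" ]; then apply_ruleset "$2"; fi
```

Run as root with `--apply` followed by the path of the unpacked list; re-running it refreshes only the `BLOCKLIST` chain.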
