2.7. Blocking Access from a Remote Host

Problem

You want to block incoming traffic from a particular host.

Solution

To block all access by that host:

For iptables:

# iptables -A INPUT -s remote_IP_address -j REJECT

For ipchains:

# ipchains -A input -s remote_IP_address -j REJECT

To block requests for one particular service, say, the SMTP mail service:

For iptables:

# iptables -A INPUT -p tcp -s remote_IP_address --dport smtp -j REJECT

For ipchains:

# ipchains -A input -p tcp -s remote_IP_address --dport smtp -j REJECT

To admit some hosts but block all others:

For iptables:

# iptables -A INPUT -s IP_address_1 [-p protocol --dport service] -j ACCEPT
# iptables -A INPUT -s IP_address_2 [-p protocol --dport service] -j ACCEPT
# iptables -A INPUT -s IP_address_3 [-p protocol --dport service] -j ACCEPT
# iptables -A INPUT [-p protocol --dport service] -j REJECT

For ipchains:

# ipchains -A input -s IP_address_1 [-p protocol --dport service] -j ACCEPT
# ipchains -A input -s IP_address_2 [-p protocol --dport service] -j ACCEPT
# ipchains -A input -s IP_address_3 [-p protocol --dport service] -j ACCEPT
# ipchains -A input [-p protocol --dport service] -j REJECT
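
The "admit some hosts, block all others" form above depends on rule order: -A appends, and the first matching rule wins, so the ACCEPT rules must already be in the chain when the catch-all REJECT is appended. The script below is an added example (not from the Linux Security Cookbook) that emits the iptables rules in that order and checks an existing chain listing for the reversed order; the host addresses and the sample "iptables -S INPUT" listings are constructed.

```shell
# IPT defaults to printing the commands; set IPT=iptables to apply them as root.
IPT="${IPT:-echo iptables}"

# block_host HOST : reject every packet from HOST (first form of the recipe).
block_host() {
    $IPT -A INPUT -s "$1" -j REJECT
}

# allow_only SERVICE PROTO HOST... : admit the listed hosts to SERVICE and
# reject everyone else. The ACCEPT rules are appended first so that they are
# matched before the catch-all REJECT.
allow_only() {
    service="$1"; proto="$2"; shift 2
    for host in "$@"; do
        $IPT -A INPUT -p "$proto" -s "$host" --dport "$service" -j ACCEPT
    done
    $IPT -A INPUT -p "$proto" --dport "$service" -j REJECT
}

# check_order LISTING : LISTING is the output of "iptables -S INPUT". Returns 1
# if a catch-all REJECT (no -s) for a port precedes an ACCEPT for the same
# port; such an ACCEPT can never match, so the "admitted" host is blocked.
check_order() {
    printf '%s\n' "$1" | awk '
        /-j REJECT/ && !/ -s / { for (i = 1; i <= NF; i++) if ($i == "--dport") rejected[$(i+1)] = 1 }
        /-j ACCEPT/ { for (i = 1; i <= NF; i++) if ($i == "--dport" && rejected[$(i+1)]) bad = 1 }
        END { exit bad ? 1 : 0 }'
}

# Constructed sample listings: GOOD has the ACCEPT first, BAD has the REJECT first.
GOOD_CHAIN='-P INPUT ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable'
BAD_CHAIN='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 25 -j ACCEPT'

allow_only smtp tcp 192.0.2.10 192.0.2.11
check_order "$GOOD_CHAIN" && echo "good chain: order ok"
check_order "$BAD_CHAIN" || echo "bad chain: REJECT precedes ACCEPT for port 25"
```

Run it once with the default IPT to review the rules, then with IPT=iptables as root to apply them; check_order can be fed the live listing with `check_order "$(iptables -S INPUT)"`.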

Discussion

You can also block access at other levels, such as with TCP-wrappers. [Recipe 3.9][Recipe 3.11]

See Also

iptables(8), ipchains(8).
