Skip to content

Instantly share code, notes, and snippets.

@zoonderkins

zoonderkins/use-ipset-block-ip-linux.md

Last active March 17, 2019 17:57
Show Gist options
  • Save zoonderkins/f919b8ed30edeb23ee5a2167386021ff to your computer and use it in GitHub Desktop.
Save zoonderkins/f919b8ed30edeb23ee5a2167386021ff to your computer and use it in GitHub Desktop.
Download ZIP
IPset to block IP on Linux #linux
Raw
use-ipset-block-ip-linux.md

Env: Debian9 or Ubuntu

Installation

apt install ipset

Setup Ipv4, IPv6

ipset create blacklist hash:ip hashsize 4096

ipset create blacklist6 hash:net hashsize 4096 family inet6

ipset add blacklist 51.15.13.235

Iptables insert match-set blacklist and drop

iptables -I INPUT -m set --match-set blacklist src -j DROP
ip6tables -I INPUT -m set --match-set blacklist6 src -j DROP

List current blacklist

ipset list

View current Iptables Rules

iptables -L -nv
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment