obtasks/Blocked ips.md

blocked ips
========================

 45.125.65.88
141.98.10.37
193.169.254.67
185.234.217.188
45.125.65.65

141.98.80.15

 45.125.65.63

185.234.217.188

45.125.66.183

185.53.91.24
185.53.91.24


sudo iptables -A INPUT -s 45.125.65.0/24 -j DROP

sudo iptables -A INPUT -s 141.98.10.0/24 -j DROP

sudo iptables -A INPUT -s 193.169.254.0/24 -j DROP

sudo iptables -A INPUT -s 185.234.217.0/24 -j DROP

sudo iptables -A INPUT -s 185.36.81.0/24 -j DROP


sudo iptables -A INPUT -s 141.98.80.0/24 -j DROP

sudo iptables -A INPUT -s 45.125.65.0/24 -j DROP

sudo iptables -A INPUT -s 185.234.217.188 -j DROP

sudo iptables -A INPUT -s 45.125.66.0/24 -j DROP

sudo iptables -A INPUT -s 185.53.91.24 -j DROP

https://help.ubuntu.com/community/PortKnocking

```

To block 116.10.191.* addresses:

$ sudo iptables -A INPUT -s 116.10.191.0/24 -j DROP

To block 116.10.*.* addresses:

$ sudo iptables -A INPUT -s 116.10.0.0/16 -j DROP

To block 116.*.*.* addresses:

$ sudo iptables -A INPUT -s 116.0.0.0/8 -j DROP

But be careful what you block using this method. You don't want to prevent legitmate traffic from reaching the host.

edit: as pointed out, iptables evaluates rules in sequential order. Rules higher in the ruleset are applied before rules lower in the ruleset. So if there's a rule higher in your ruleset that allows said traffic, then appending (iptables -A) the DROP rule will not produce the intended blocking result. In this case, insert (iptables -I) the rule either:

as the first rule
sudo iptables -I ...

or before the allow rule
sudo iptables --line-numbers -vnL

say that shows rule number 3 allows ssh traffic and you want to block ssh for an ip range. -I takes an argument of an integer that's the location in your ruleset you want the new rule to be inserted

iptables -I 2 ...


ckiGO99l
```
Initial commit 2019-04-29 13:49:56 +00:00			`blocked ips`
			`========================`

			`45.125.65.88`
			`141.98.10.37`
			`193.169.254.67`
			`185.234.217.188`
			`45.125.65.65`

			`141.98.80.15`

			`45.125.65.63`

			`185.234.217.188`

			`45.125.66.183`

			`185.53.91.24`
			`185.53.91.24`


			`sudo iptables -A INPUT -s 45.125.65.0/24 -j DROP`

			`sudo iptables -A INPUT -s 141.98.10.0/24 -j DROP`

			`sudo iptables -A INPUT -s 193.169.254.0/24 -j DROP`

			`sudo iptables -A INPUT -s 185.234.217.0/24 -j DROP`

			`sudo iptables -A INPUT -s 185.36.81.0/24 -j DROP`



			`sudo iptables -A INPUT -s 141.98.80.0/24 -j DROP`

			`sudo iptables -A INPUT -s 45.125.65.0/24 -j DROP`

			`sudo iptables -A INPUT -s 185.234.217.188 -j DROP`

			`sudo iptables -A INPUT -s 45.125.66.0/24 -j DROP`

			`sudo iptables -A INPUT -s 185.53.91.24 -j DROP`

			`https://help.ubuntu.com/community/PortKnocking`

			```

			`To block 116.10.191.* addresses:`

			`$ sudo iptables -A INPUT -s 116.10.191.0/24 -j DROP`

			`To block 116.10.. addresses:`

			`$ sudo iptables -A INPUT -s 116.10.0.0/16 -j DROP`

			`To block 116...* addresses:`

			`$ sudo iptables -A INPUT -s 116.0.0.0/8 -j DROP`

			`But be careful what you block using this method. You don't want to prevent legitmate traffic from reaching the host.`

			`edit: as pointed out, iptables evaluates rules in sequential order. Rules higher in the ruleset are applied before rules lower in the ruleset. So if there's a rule higher in your ruleset that allows said traffic, then appending (iptables -A) the DROP rule will not produce the intended blocking result. In this case, insert (iptables -I) the rule either:`

			`as the first rule`
			`sudo iptables -I ...`

			`or before the allow rule`
			`sudo iptables --line-numbers -vnL`

			`say that shows rule number 3 allows ssh traffic and you want to block ssh for an ip range. -I takes an argument of an integer that's the location in your ruleset you want the new rule to be inserted`

			`iptables -I 2 ...`



			`ckiGO99l`
			```