Hello,
How do you block incoming AND outgoing traffic to a site?
I have 2 drop lines for a site in my /etc/sysconfig/iptables:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [294:35064]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s xx.xx.xx.0/24 -j DROP
-A INPUT -d xx.xx.xx.0/24 -j DROP
-A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp -m multiport --dports 80,8080 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/min --limit-burst 2 -j ACCEPT
COMMIT
but for some reason I can still "ping xx.xx.xx.1", and "ssh xx.xx.xx.1" immediately prints "ssh: connect to host xx.xx.xx.1 port 22: Connection refused", which probably means my packets aren't dropped at all.
Using CentOS 5.6/64 bit
Thank you Alex
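
Added example, not part of the original post: a small Python audit of the posted ruleset that checks which chain actually carries a DROP rule for the network. It relies on standard netfilter behaviour (locally generated packets traverse OUTPUT, not INPUT, and rules match in order); the function names are made up for this illustration.

```python
import shlex

# First rules from the post. xx.xx.xx.0/24 is the poster's redacted placeholder,
# so it is compared as an opaque string and never parsed as an address.
NET = "xx.xx.xx.0/24"
RULESET = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [294:35064]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s xx.xx.xx.0/24 -j DROP
-A INPUT -d xx.xx.xx.0/24 -j DROP
COMMIT
"""

def parse(text):
    """Return {chain: {"policy": str, "rules": [token lists]}} from iptables-save text."""
    chains = {}
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith(":"):
            name, policy = line[1:].split()[:2]
            chains[name] = {"policy": policy, "rules": []}
        elif line.startswith("-A "):
            tok = shlex.split(line)
            chains.setdefault(tok[1], {"policy": None, "rules": []})["rules"].append(tok[2:])
    return chains

def has(rule, flag, value):
    """True if `flag` is present and its argument contains `value`."""
    return flag in rule and value in rule[rule.index(flag) + 1]

def first(rules, pred):
    """Index of the first rule satisfying pred, or None (iptables is first-match)."""
    return next((i for i, r in enumerate(rules) if pred(r)), None)

def audit(text, net):
    c = parse(text)
    out_rules, in_rules = c["OUTPUT"]["rules"], c["INPUT"]["rules"]
    # Outgoing traffic to the network is matched in OUTPUT by destination (-d).
    out_drop = first(out_rules, lambda r: has(r, "-d", net) and has(r, "-j", "DROP"))
    # Incoming traffic from the network is matched in INPUT by source (-s).
    # An INPUT "-d net" rule only matches packets addressed to this host.
    in_drop = first(in_rules, lambda r: has(r, "-s", net) and has(r, "-j", "DROP"))
    est = first(in_rules, lambda r: has(r, "--state", "ESTABLISHED") and has(r, "-j", "ACCEPT"))
    return {"output_drop_rule": out_drop is not None,
            "input_drop_rule": in_drop is not None,
            # Replies to connections this host opened hit the ESTABLISHED accept first.
            "replies_accepted_first": est is not None and (in_drop is None or est < in_drop)}
```

For this ruleset audit() reports no OUTPUT drop rule and a RELATED,ESTABLISHED accept ahead of the INPUT drop, so the outgoing ping and ssh packets leave and their replies are accepted.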