[CentOS] iptables question

Tue Jun 17 21:14:04 UTC 2014
Chuck Campbell <campbell at accelinc.com>

On 6/16/2014 11:08 PM, John R Pierce wrote:
> On 6/16/2014 8:52 PM, Chuck Campbell wrote:
>> I ran a script after fail2ban was started. It looks like this:
>> #!/bin/sh
>> iptables -A INPUT -s 116.10.191.0/24 -j DROP
>> iptables -A INPUT -s 183.136.220.0/24 -j DROP
>> iptables -A INPUT -s 183.136.221.0/24 -j DROP
>> iptables -A INPUT -s 183.136.222.0/24 -j DROP
>> iptables -A INPUT -s 183.136.223.0/24 -j DROP
>> iptables -A INPUT -s 122.224.11.0/24 -j DROP
>> iptables -A INPUT -s 219.138.0.0/16 -j DROP
>>
>> so, how do I get them in front of the RH-Firewall-1-INPUT, or do I add them to
>> that chain?
> use -I (insert) rather than -A (append).
>
> OR
>
> specify chain RH-Firewall-1-INPUT rather than INPUT
I used the RH-Firewall-1-INPUT chain, and -I, defaulting to position 1, and all 
is working as I had anticipated.

It is working as expected, killing all of those rolling ip attempts. I was 
loath to use system-config-firewall, because I wasn't sure it wouldn't drop 
something I needed, or forgot to include, and it would have wiped out the 
existing ruleset. I'll experiment with that when I am physically in front of the 
server, instead of remote from it. I would have had no quick remedy if I messed 
it up.

Thank you for the clear concise explanation.

-chuck

-- 
ACCEL Services, Inc.| Specialists in Gravity, Magnetics |  (713)993-0671 ph.
                     |   and Integrated Interpretation   |  (713)993-0608 fax
448 W. 19th St. #325|            Since 1992             |  (713)306-5794 cell
  Houston, TX, 77008 |          Chuck Campbell           | campbell at accelinc.com
                     |  President & Senior Geoscientist  |

      "Integration means more than having all the maps at the same scale!"
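The fix agreed on in the thread (insert with -I into the RH-Firewall-1-INPUT chain, so the DROP rules sit in front of the distribution's rules instead of being appended to INPUT after the jump) written up as a reusable script. This is an added example, not the script posted in the thread or anything shipped with CentOS: the networks are the ones quoted above, while the chain variable, the DRY_RUN switch and the idempotency check (grepping `iptables -S` output rather than relying on `-C`, which older iptables releases lack) are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): insert DROP rules for a list of source
# networks at the head of a chain so they match before anything else in it.
# -I <chain> 1 inserts at position 1; -A would append after the existing
# rules, which is why the original script had no effect on traffic that
# RH-Firewall-1-INPUT had already accepted.

CHAIN="${CHAIN:-RH-Firewall-1-INPUT}"   # assumed chain name (CentOS default)
DRY_RUN="${DRY_RUN:-1}"                 # 1 = print the commands, 0 = run them

# Networks quoted in the thread.
BLOCKED_NETS="116.10.191.0/24 183.136.220.0/24 183.136.221.0/24
183.136.222.0/24 183.136.223.0/24 122.224.11.0/24 219.138.0.0/16"

# run_or_echo: run an iptables command, or print it when DRY_RUN=1 so the
# script can be reviewed (and tested) without root and without a kernel.
run_or_echo() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# rule_exists: true if an identical DROP rule is already in CHAIN.
# Uses `iptables -S` (rule-spec listing) plus grep; the network must be
# given in canonical form (as all the ones above are) for the match to hit.
rule_exists() {
    if [ "$DRY_RUN" = "1" ]; then
        return 1   # dry run: assume nothing is present yet
    fi
    iptables -S "$CHAIN" 2>/dev/null | grep -qF -- "-s $1 -j DROP"
}

# block_net: insert a DROP rule for one network at position 1 of CHAIN,
# skipping it if already present so the script can be re-run safely.
# Each insert goes to position 1, so the final order is reversed; for
# unconditional DROP rules that does not matter.
block_net() {
    net="$1"
    if rule_exists "$net"; then
        echo "already present: $net" >&2
        return 0
    fi
    run_or_echo -I "$CHAIN" 1 -s "$net" -j DROP
}

# block_all: apply block_net to every network in BLOCKED_NETS.
block_all() {
    for net in $BLOCKED_NETS; do
        block_net "$net"
    done
}

# Stand-alone run: with the default DRY_RUN=1 this only prints the commands.
# Run as root with DRY_RUN=0 to apply them.
block_all
```

Run it once with the default `DRY_RUN=1` to see exactly which rules would be inserted, then as root with `DRY_RUN=0 ./block.sh`. Rules inserted at runtime live only in the kernel; on CentOS 6 they are gone after a reboot unless you persist them (`service iptables save`), which is also the moment to confirm the saved file still contains the rest of the ruleset you were worried about losing.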