This article is a mirror article of machine translation, please click here to jump to the original article.

Architect_Programmer_Code Agriculture Network»Architect Other Technologies Windows/Linux Linux blocks IP addresses and refuses to specify IP addresses and CIDR segment methods
View: 13018|Reply: 2

[linux] Linux blocks IP addresses and refuses to specify IP addresses and CIDR segment methods

[Copy link]
Posted on 2/3/2016 12:46:51 PM | | |

Block IP

The command for a single IP is:
iptables -I INPUT -s 211.1.0.0 -j DROP

The command to block the IP segment is
iptables -I INPUT -s 211.1.0.0/16 -j DROP
iptables -I INPUT -s 211.2.0.0/16 -j DROP
iptables -I INPUT -s 211.3.0.0/16 -j DROP

The order to seal the entire paragraph is:
iptables -I INPUT -s 211.0.0.0/8 -j DROP

The order to seal a few paragraphs is
iptables -I INPUT -s 61.37.80.0/24 -j DROP
iptables -I INPUT -s 61.37.81.0/24 -j DROP

The server starts from running
There are three ways:
1. Add it to /etc/rc.local
2. iptables-save >;/etc/sysconfig/iptables can put your current iptables rules in /etc/sysconfig/iptables, and the system will automatically execute them when iptables is started.
3. Service iptables save can also put your current iptables rules in /etc/sysconfig/iptables, and the system will automatically execute them when you start iptables.
The latter two are better for this, generally iptables services will be started before network services, which is more secure


Unblocking:

iptables -L INPUT

iptables -L --line-numbers then iptables -D INPUT serial number






Previous:Wordpress program Problem with the SSL CA cert (path? access rights?)
Next:C# reads the value of the modified registry

Related Posts
 Landlord| Posted on 4/25/2019 3:18:07 PM |
IP range represented by 192.168.2.0/24
192.168.2.0 for 32-bit binary, four groups of 8 bits each

/24 表示前24位不变,后8位由全0变化到全1的过程,也就是由“00000000”变化到“11111111”
And because all 0 is the subnet network address and all 1 is the subnet broadcast address, these two addresses are not assigned to the host.
Therefore, the effective allocable range is the range of the first 24 bits unchanged, and the last 8 bits change from "00000001" to "11111110"
IP range represented by 192.168.2.0/24, and then convert back to decimal192.168.2.1~192.168.2.254

/
Total number of IPs
Subnet mask
Number of C segments
/30
4255.255.255.2521/64
/29
8255.255.255.2481/32
/28
16255.255.255.2401/16
/27
32255.255.255.2241/8
/26
64255.255.255.1921/4
/24
256255.255.255.01
/23
512255.255.254.02
/22
1024255.255.252.04
/21
2048255.255.248.08
/20
4096255.255.240.016
/19
8192255.255.224.032
/18
16384255.255.192.064
/17
32768255.255.128.0128
/16
65536255.255.0.0256


 Landlord| Posted on 4/25/2019 3:20:16 PM |
Use Alibaba Cloud load balancing to block IP access to websites
https://www.itsvse.com/thread-4777-1-1.html
(Source: Architect_Programmer)
Disclaimer:
All software, programming materials or articles published by Code Farmer Network are only for learning and research purposes; The above content shall not be used for commercial or illegal purposes, otherwise, users shall bear all consequences. The information on this site comes from the Internet, and copyright disputes have nothing to do with this site. You must completely delete the above content from your computer within 24 hours of downloading. If you like the program, please support genuine software, purchase registration, and get better genuine services. If there is any infringement, please contact us by email.
Mail To:help@itsvse.com