
Linux, Unix, and *nix like Operating Systems Forum

    
Centos 6 Iptables Country Blocking Bash Script
BamaStangGuy




 
Msg#: 4455814 posted 6:28 am on May 21, 2012 (gmt 0)

I tried using this on my CentOS 6 server to block Russia and China but it doesn't appear to be working.

[ipinfodb.com...]

The script runs without a problem, but even after restarting the iptables service I still see accesses from IP addresses that I can confirm are in the pool of IPs that the script calls and is supposed to add to iptables.

On top of that, /etc/sysconfig/iptables is not altered at all.

Any idea why that isn't working on CentOS 6?

 

lammert




 
Msg#: 4455814 posted 7:09 am on May 21, 2012 (gmt 0)

The active list of iptables rules can be requested with "iptables -L -n -v". It could be that the active list is changed but not the stored list in /etc/sysconfig/iptables. The latter is saved manually with the iptables-save command, or during system shutdown if that has been configured in the iptables config.

One common mistake is that such an installation script is not started under user root. Only user root has enough privileges to change the iptables configuration.

One final warning: these scripts from external sources may intentionally or unintentionally change your firewall configuration in such a way that your system either becomes inaccessible or has a hole for malicious visitors. Use them with care and always be sure that you fully understand how they work before running them. Also, having a backdoor for yourself in case the firewall locks up (for example through a remote console connection offered by your ISP) may save you a lot of work and frustration in case the system locks down.
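The two checks described in the reply above (active rules versus the stored file, and whether the script ran as root), as an added example that is not part of the original thread. The function names are hypothetical, and the sample rules are constructed using documentation address ranges.

```shell
#!/bin/bash
# Added example (not from the thread): list rules that are active in the
# kernel but missing from the saved file, i.e. rules a restart would drop.
# Real use, as root:  iptables-save > /tmp/running.rules
#                     unsaved_rules /tmp/running.rules /etc/sysconfig/iptables

# Succeeds only for uid 0; changing iptables needs root.
is_root() { [ "$(id -u)" -eq 0 ]; }

# Print "table: rule" for every -A line of an iptables-save dump, dropping
# any "[packets:bytes]" counters so two dumps compare cleanly.
rule_lines() {
    awk '/^\*/ { table = substr($0, 2) }
         /^(\[[0-9]+:[0-9]+\] )?-A / {
             sub(/^\[[0-9]+:[0-9]+\] /, ""); print table ": " $0
         }' "$1" | LC_ALL=C sort -u
}

# Rules present in the running dump ($1) but absent from the saved file ($2).
unsaved_rules() {
    local tmp; tmp=$(mktemp -d)
    rule_lines "$1" > "$tmp/running"
    rule_lines "$2" > "$tmp/saved"
    LC_ALL=C comm -23 "$tmp/running" "$tmp/saved"
    rm -rf "$tmp"
}

# Constructed sample data: two DROP rules were added live but never saved.
demo() {
    local dir; dir=$(mktemp -d)
    cat > "$dir/running.rules" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
[12:720] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A INPUT -s 192.0.2.0/24 -j DROP
[3:180] -A INPUT -s 198.51.100.0/24 -j DROP
COMMIT
EOF
    cat > "$dir/saved.rules" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
    is_root || echo "note: not root, so a blocking script could not change iptables" >&2
    unsaved_rules "$dir/running.rules" "$dir/saved.rules"
    rm -rf "$dir"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Empty output from `unsaved_rules` means the stored file already contains every active rule; any lines printed are rules that exist only in the running configuration.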
