Hi now I no this has nothing to do with video.But I can not get a suitable answer to the question.
How do you block a range of ip adresses using the ip tables in 10.04 Linux Ubuntu ?
These are the commands ive used so far and none work :-
(ip adresses are just examples)
sudo iptables -A INPUT -m iprange --src-range 0.0.0.0-0.255.255.255 -j DROP
sudo iptables -I OUTPUT -m iprange --dst-range 0.0.0.0-0.255.255.255 -j DROP
sudo iptables -I INPUT -m iprange --src-range 0.0.0.0-0.255.255.255 -j DROP
sudo iptables -I INPUT -s 0.0.0.0/16 -j DROP
Ive tryed all the Ubuntu forums/google etc... but they all say the same as above.
+ Reply to Thread
Results 1 to 11 of 11
Found on another forum as I don't claim to be an iptable expert.
This is how to block an entire subnet:
# iptables -A INPUT -s 192.168.100.0/24 -j DROP
This is how to block a range of ip's within a subnet:
# iptables -I INPUT -m iprange --src-range 192.168.1.10-192.168.1.13 -j DROP
Looks like you did that stuff (well, you used -I instead of -A but I think that's OK after seeing the man page) so this may be your real problem:
The problem is (or can be) that the module ipt_iprange is not loaded in the kernel, so, load it with modprobe or recompile your kernel with iprange
Thread moved to the Linux forum where you can get more help.I think,therefore i am a hamster.
Technically speaking the description of the Linux forum is for VIDEO and AUDIO issues. This is neither. I think the OP was smart enough to put it in the right place.
Geez johns0, once again maybe a little less zealousness, buddy?
NICEBUD - I have criticized johns0 in the past for being far too quick on the draw. This is just more of the same.
OK, I'm going to partly take back the above.
Putting it in the Linux forum did mark your post with a penguin, which may help to identify it as a Linux question. So it's not crazy to have moved it there.
The forum clearly states that it's for video and audio questions and makes no mention of being for Linux issues outside of those. So I also can't blame the OP for probably reading that and believing what it said as I did.
If this is for a desktop, consider using a GUI.
If this is for a server, consider using an iptables application like CSF or APF.
Manual control of iptables is a nuisance.
This is definitely far off topic for VH...
... but it was also a safe assumption that somebody here would have an answer.
Thanks for the advice,and sorry johns0 wasn`t sure ware to put the thread and thank you for the correction.
Sorry about the long delay getting back to you guys but my net connection is only on now and then.
lordsmurf when you said use a gui ive tryed Firestarter.But I couldn`t find any info on how to.I did find something their w/site about ip calculators.But I dont understand how to use them.
Any ideas ?
If its a desktop PC, it may be simpler to block at the router.
Most routers have a firewall and you can easily block IP ranges.
I'm no expert....and I'm not even certain it works on Linux.....but isn't PeerBlock the easiest answer?
just stumbled upon this thread, it seems you have been doing it all wrong, you need a shell script as explained here:
a much easier way is to modify the hosts file: