IP not added to iptables after auto blocking is setup ?

westoz

Verified User
Joined
Feb 13, 2012
Messages
18
Location
Australia
Hi
I followed the instructions here http://help.directadmin.com/item.php?id=380 to setup ip blocking . The ip shows as blocked when the set level of attempts is reached but if I run a check on iptables using " iptables -L -n --line | grep [blocked ip] " the ip does not show as dropped or rejected. I can manually add the ip through csf and it is added to iptables. Any help or advice appreciated.
Thanks
 
Hello,

I'd rather guess you should show your scripts:

block_ip.sh
brute_force_notice_ip.sh
show_blocked_ips.sh
unblock_ip.sh

if they are the same with those in http://help.directadmin.com/item.php?id=380 it no doubt why you don't get IP blocked with CSF running on your server. They should be rewritten in order to work with CSF. You might want to search the forums, as there are some examples here, how to make it all work together.
 
Hi zEitEr
So if the ip does not block in iptables what is the ip blocked from when that script runs ? .
Thanks
 
I understand that csf loads it own rules , so if csf is not installed and I push block ip under the brute force monitor ,what is the blocked ip not allowed to do ?
 
I don't know what you have in those scripts, you did not show them.
But if to read this http://files1.directadmin.com/services/all/iptables

Code:
b()
{
	if [ "$1" = "" ]; then
		echo "blocking blank value.";
		return;
	fi

	$IPTABLES -A INPUT -s $1 -j DROP
}


if [ -s $BLOCK_LIST ]; then
	for i in `cat $BLOCK_LIST | cut -d= -f1`; do
	{
		b $i
	};
	done;
fi

it blocks all type of connections to any port of a server running that set of rules from a certain IP.
 
Back
Top