On 01/05/2013 05:22 AM, Fungal Style wrote:
> Hi all...
>
> I suspect this would not be an issue for a production machine, but iptables rules are removed if the server is restarted, correct?

Depends on /etc/sysconfig/iptables-config.
The default is to "remove the rules", although it can be changed.



> On Thu, 3 Jan 2013, Richard Barker wrote:
>
> > I used this command to block an attacker
> > route add -net x.x.x.x netmask 255.255.255.255 reject
> >
> > if I do a netstat -nrl I get this
> > x.x.x.x - 255.255.255.255 !H - - - -
> >
> > How do I get it removed ?
>
> I've found different versions of route are terribly picky about syntax,
> in particular, some demand the netmask portion, and some don't.
>
> Try:
>
> route del -net x.x.x.x netmask 255.255.255.255
>
> and
>
> route add -net x.x.x.x
>
> Your particular 'man route' man page may provide some clues.
>
> If you don't want to reboot, you could take the interface down and bring
> it back up, though clearly you *DON'T* want to do this unless you have a
> console or alternate method of getting into and controlling the box as
> you could get locked out if things don't behave as they should.
>
> Try:
>
> service network restart
>
> That should restart the network with the box's 'default' network settings
> and any manually entered, but otherwise unsaved routes should go away.
>
> In general, iptables should be used to block attacks rather than adding
> null routes:
>
> iptables -A INPUT -s <sourceIP(/netmask)> -j DROP    # -A adds rule
>
> iptables -D INPUT -s <sourceIP(/netmask)> -j DROP    # -D deletes rule
>
> Check man iptables for help on that.
>
> =^_^= Tigerwolf
--
Gerald
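
Added example, not part of the thread or any poster's message: a small shell sketch that finds leftover reject routes (the `!` flag shown in the `netstat -nr` output above) and prints a delete command for each in the form suggested in the thread, then reads an iptables-config to see whether running rules are written back on stop or restart. The sample routing table, the sample config, the function names, and the Red Hat style key names `IPTABLES_SAVE_ON_STOP` and `IPTABLES_SAVE_ON_RESTART` are assumptions.

```shell
#!/bin/sh
# Added example: list reject routes and check iptables save-on-stop settings.

# Constructed sample of `netstat -nr` output (documentation addresses only).
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.0.2.10      -               255.255.255.255 !H        - -          - -
198.51.100.0    -               255.255.255.0   !         - -          - -
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         10.0.0.1        0.0.0.0         UG        0 0          0 eth0'

# Constructed sample of /etc/sysconfig/iptables-config content
# (key names assumed to follow the Red Hat style file).
SAMPLE_CONFIG='# Save current firewall rules on stop.
IPTABLES_SAVE_ON_STOP="no"
IPTABLES_SAVE_ON_RESTART="no"'

# Read a routing table on stdin and print one delete command per reject
# route (Flags column contains "!"). Header lines never match the test.
# Syntax accepted by `route` varies between versions; check `man route`.
reject_route_cleanup() {
    awk '$4 ~ /!/ { printf "route del -net %s netmask %s\n", $1, $3 }'
}

# Read iptables-config on stdin. Prints "saved" if either save option is
# set to yes, otherwise "not-saved" (rules added at runtime with
# `iptables -A` are not written back when the service stops or restarts).
rules_on_restart() {
    if grep -Eq '^IPTABLES_SAVE_ON_(STOP|RESTART)="?yes"?'; then
        echo saved
    else
        echo not-saved
    fi
}

printf '%s\n' "$SAMPLE_ROUTES" | reject_route_cleanup
printf '%s\n' "$SAMPLE_CONFIG" | rules_on_restart
```

On a live box the same functions can be fed with `netstat -nr | reject_route_cleanup` and `rules_on_restart < /etc/sysconfig/iptables-config`; the printed `route del` lines are for review before running, not executed by the script.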