Auto-blacklist iptables

Gather a list of ips which fail logins and drop from firewall for the future

lastb | awk '{ FS == "[ \t]+" ; print $3; }' | egrep -o '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}'| grep -v "192.168." | sort | uniq | xargs -n 1 -I {} iptables -A INPUT -s {} -j DROP

if you want to make it permanent simply

[root@DellR510-3 ~]# /sbin/service iptables save

 

That’s it.

nJoy 😉

 

 

 

2 Replies to “Auto-blacklist iptables”

  1. Hi David,

    Have a look at fail2ban – it does a good job of blocking people before they’ve logged in. last captures data on people who have logged in…

    Hope you’re well.

    regards,

    Mark

Leave a Reply

Your email address will not be published. Required fields are marked *