Auto-blacklist iptables

Gather a list of ips which fail logins and drop from firewall for the future

lastb | awk '{ FS == "[ \t]+" ; print $3; }' | egrep -o '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}'| grep -v "192.168." | sort | uniq | xargs -n 1 -I {} iptables -A INPUT -s {} -j DROP

if you want to make it permanent simply

[root@DellR510-3 ~]# /sbin/service iptables save

 

That’s it.

nJoy 😉

 

 

 

2 comments to “Auto-blacklist iptables”

You can leave a reply or Trackback this post.
  1. Mark Fazakerley says: -#1

    Hi David,

    Have a look at fail2ban – it does a good job of blocking people before they’ve logged in. last captures data on people who have logged in…

    Hope you’re well.

    regards,

    Mark

Write a Reply or Comment

Your email address will not be published.