Hey, I want to block a range of IP addresses in the firewall!!
It’s simple to block or allow IP addresses in the firewall by using a simple for loop on the command line. In some cases, such as a DoS attack, we find IP addresses that are accessing the website or server many times. We can create a simple for-loop script to move all of them to the firewall. Here I’m illustrating this with CSF. Config Server Firewall is abbreviated as CSF. CSF is the most commonly used firewall application for securing Linux servers. CSF has a wide range of options to manage the Linux firewall from the command line and from the control panel. The CSF installation includes preconfigured configurations and control panel UIs for cPanel, DirectAdmin and Webmin. The installation and usage of CSF is quite simple.
To deny multiple IPs:
The command to deny an IP:
# csf -d ip.address
Here is the script to block a number of IPs:
1, Save the IPs in a text file:
Eg:
vi block.txt
.....
1.1.1.5
1.1.1.1
1.1.1.4
1.1.1.6
.....
2, Blocking them using for loop:
# for i in $(cat block.txt); do csf -d "$i"; done
You can customize the script as per your requirement. If you want to allow the IP addresses instead, change the “do” part to “csf -a $i”.
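A more defensive version of the loop above, as an added example that is not part of the original post: it checks that each entry in block.txt is a plain IPv4 address, ignores comments and duplicates, and refuses to deny addresses you list as protected (for instance your own admin IP). `PROTECTED_IPS`, `CSF_CMD` and the function names are assumptions of this sketch; only `csf -d` comes from the post.

```shell
#!/bin/sh
# Added example: validate block.txt entries before passing them to "csf -d".
# PROTECTED_IPS and CSF_CMD are hypothetical names introduced for this sketch.
PROTECTED_IPS=${PROTECTED_IPS:-}   # space-separated addresses never to deny
CSF_CMD=${CSF_CMD:-csf}            # overridable so the loop can be dry-run

# Succeed only for a plain dotted-quad IPv4 address (four octets, 0-255).
is_valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Deny each valid, unique, unprotected address listed in file $1.
# Sets DENIED and SKIPPED to the number of entries handled each way.
block_from_file() {
    DENIED=0 SKIPPED=0 seen=" "
    while IFS= read -r line || [ -n "$line" ]; do
        ip=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')   # drop comments, blanks, CRs
        [ -n "$ip" ] || continue
        reason=
        is_valid_ipv4 "$ip" || reason="not an IPv4 address"
        case $seen in *" $ip "*) reason="duplicate" ;; esac
        case " $PROTECTED_IPS " in *" $ip "*) reason="protected address" ;; esac
        if [ -n "$reason" ]; then
            printf 'skip: %s (%s)\n' "$ip" "$reason" >&2
            SKIPPED=$((SKIPPED + 1))
            continue
        fi
        seen="$seen$ip "
        if "$CSF_CMD" -d "$ip" < /dev/null; then
            DENIED=$((DENIED + 1))
        else
            SKIPPED=$((SKIPPED + 1))   # count a failed csf call as skipped
        fi
    done < "$1"
}

if [ "$#" -gt 0 ]; then
    block_from_file "$1"
    echo "denied=$DENIED skipped=$SKIPPED"
fi
```

Run it as root with the list file as its argument; setting `CSF_CMD=echo` first prints the commands instead of executing them.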
That’s it!