IPTables Clueless

I've been trying to figure out how to block IP addresses for any access, though the point is to just block certain websites. I'm speaking of those scam sites that presume to be scanning your PC for viruses. They use an IP address in the url so URL blocking doesn't work.

Like these mother!#&*ers: I'm using DD-WRT firmware in a Linksys WRT350N device. I've been trying to enter a proper IPTABLES command in the command line box in the Administration menu. I've tried:

iptables -I INPUT -d -j logdrop iptables -I OUTPUT -d -j logdrop

No effect at all.

Can anyone tell me how I can do this?

Note, I can use the hosts file, or DD-WRT, to block the URL that redirects to the one with the IP in it, but I have a feeling that those change much more regularly than the bastard's IP itself.

Reply to
Loading thread data ...>

Try something like..

IFACE="ppp0" STATE=" -m state --state ESTABLISHED,RELATED"

iptables -F INPUT iptables -F OUTPUTiptables -N IlogDrop iptables -A IlogDrop -i $IFACE -j LOG --log-level emerg --log-prefix="FI " iptables -A IlogDrop -i $IFACE -j DROP

iptables -A INPUT -i $IFACE -p tcp --tcp-flags SYN,ACK SYN,ACK -m state -- state NEW -j IlogDrop iptables -A INPUT -p icmp --icmp-type 0 -j ACCEPT iptables -A INPUT -i $IFACE -p tcp ${STATE} -j ACCEPT

iptables -A OUTPUT -o $IFACE -p tcp --destination relay.skynet.be --dport 25

-j ACCEPT iptables -A OUTPUT -o $IFACE -p tcp --destination relay.edpnet.be --dport 25

-j ACCEPT Regards

Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.