Is using a blacklist in iptables a good strategy?

David Leangen netfilter at leangen.net
Tue Nov 29 09:21:15 CET 2005


Hello,

I don't know why, but I'm getting a little fed up with break-in attempts
happening every single day.

Do I just have to accept this as a fact of life?


I started keeping a list of IP addresses that I'm just going to
blacklist, but this does not seem like a maintainable solution. For now,
I'm just adding lines like so:

  ...
  -A INPUT -s xxx.xxx.xxx.xxx -j BLACKLIST
  ...
  -A BLACKLIST -j DROP
  ...

What is common practice?


Is it possible to blacklist any packets that come from a server from a
given country?


Thanks for the advice!
Dave
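
Added example, not part of the original post: a shell script that generates the per-address rules in the layout shown above from a separate list file, rejecting entries that are not valid IPv4 addresses before they reach the rules file. The list format (one address or CIDR per line, `#` comments) and the function names are assumptions; the sample addresses are constructed from documentation ranges.

```shell
#!/bin/sh
# valid_ipv4 ADDR: succeeds if ADDR is a dotted-quad IPv4 address,
# optionally followed by a /0-32 prefix length.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) prefix=${1#*/} ;;
        *)   prefix=32 ;;
    esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "${#prefix}" -le 2 ] && [ "$prefix" -le 32 ] || return 1
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split into octets (digits and dots only, no globbing)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_blacklist_rules: reads the list on stdin, writes rules to stdout.
# Comments and blanks are stripped, duplicates removed, and invalid
# entries (typos, hostnames) are reported on stderr and left out.
gen_blacklist_rules() {
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' | LC_ALL=C sort -u |
    while IFS= read -r entry; do
        if valid_ipv4 "$entry"; then
            printf '%s\n' "-A INPUT -s $entry -j BLACKLIST"
        else
            printf 'skipped invalid entry: %s\n' "$entry" >&2
        fi
    done
    # Single DROP rule in the BLACKLIST chain, as in the post.
    printf '%s\n' '-A BLACKLIST -j DROP'
}

# Constructed sample list (documentation ranges, not real offenders).
gen_blacklist_rules <<'EOF'
203.0.113.7      # repeated ssh probes
192.0.2.10
203.0.113.7      # duplicate, emitted once
198.51.100.0/24
999.1.1.1        # typo, skipped
example.invalid  # hostname, skipped
EOF
```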
