Tag Archives: IP

Block Incoming IP Using dd-wrt (iptables)

While reviewing logs on the email server I noticed 112.121.136.26 trying to authenticate via SASL.
This is not a normal IP that would be relaying email through the server, so I decided to block it at the firewall.
Undoubtedly, someone was trying to relay spam, whether they were aware or not.

First, I logged into my firewall via ssh to get a rule in place immediately:

iptables -I CHAIN -s 112.121.136.26 -j DROP

Listing the rules:

iptables -L --line-number

1 DROP 0 — ppp-112.121.136.26.revip.proen.co.th anywhere

Shows the new rule at the top of the chain. Exactly where I need it.

Now I have to make sure this rule survives rebooting the firewall.
To do this, I used the web interface and added a command to Administration >> Commands.

iptables -I CHAIN -s 112.121.136.26 -j DROP
Clicked the “Save Firewall” button.

I went ahead and rebooted to confirm the new rule was loaded at startup.
No more auth attempts from that IP.

NOTE 1: This method will drop ALL TRAFFIC from the listed IP. Play for keeps.
NOTE 2: If this is your IP, you need to check yo’ self before you wreck yo’ self…

Ongoing Additions:
High Frequency POP3 attempts (multiple a second):
iptables -I CHAIN -s 67.136.48.186 -j DROP
67.136.48.186

Solaris 10 Change IP/Network/Hostname

I seem to be searching and using the same google result a bunch lately. So here it is:

Changing the IP on Solaris 10 requires editing two files:

1. /etc/hosts
2. /etc/inet/ipnodes
3. /etc/netmasks (if subnet mask needs changing)

If you are changing network address, you will need to change the router address in the file:
1. /etc/defaultrouter

Changing the hostname now only requires editing these files:

1. /etc/hosts
2. /etc/nodename
3. /etc/hostname.”interface name”
hostname “hostname” (change until you can reboot)

Thanks to shiv729 at devshed.

Original forum post:
http://forums.devshed.com/unix-help-35/changing-hostname-and-ip-on-solaris-10t-343047.html

Binding IP’s to NICs in Debian

So, say you want one of your Debian based servers to listen on more than 1 IP address. Heres a quick and dirty example of how to do this.

This may or may not be the correct way to do this, but it works on my machines.

Adding an IP to eth0 (usually the default)

If you look in your /etc/network/interfaces file you should see something like this:

auto eth0
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.254

That is your standard IP address bound to the network card eth0. To add another IP address on the same subnet, add something like the following below the above stanza.

auto eth0:0
iface eth0:0 inet static
address 192.168.0.128
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.254

At this point I just reboot to activate the new IP(s) but I am sure you can just do an ‘ifconfig eth0:0 up’ with all the pertinent info there.