iptables
Anton Artyomov, 2017-07-20 13:26:40

How to inform the user that his IP is banned?

Good day. I currently have:

-A INPUT -p tcp -m multiport --dports 80,443 -m set --match-set f2b-bruteforce_joomla src -j REJECT --reject-with icmp-port-unreachable

Packets are rejected.
How can I implement this: if the user's IP is banned, don't just bluntly REJECT, but give him a static HTML page with information that the IP is banned?
If possible, give an example, or links to similar solutions.
Thank you.


1 answer(s)
krosh, 2017-07-21
@ArtyomovAnton

Try replacing REJECT with REDIRECT. After the rule is applied, rule processing stops and, therefore, the packet should not reach the target. In this case, the web server on 8080 must be local, and you can still close access to it to everyone except f2b-bruteforce_joomla.

iptables -t nat -A PREROUTING -i eth1 -p tcp -m multiport --dports 80,443 -m set --match-set f2b-bruteforce_joomla src -j REDIRECT --to-port 8080
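
A local listener for the redirect target could look like the following. This is an added example, not part of the answer above; the page text, the 403 status and the names `BanNoticeHandler` and `make_server` are assumptions, and only port 8080 comes from the rule.

```python
# Added example: ban-notice listener for the REDIRECT target (port 8080 in the answer).
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed sample page; replace the wording with your own.
BAN_PAGE = (b"<!doctype html><html><head><meta charset='utf-8'>"
            b"<title>Access blocked</title></head><body>"
            b"<h1>Your IP address is banned</h1>"
            b"<p>Too many failed login attempts came from your address.</p>"
            b"</body></html>")

class BanNoticeHandler(BaseHTTPRequestHandler):
    server_version = "ban-notice"   # do not advertise Python/BaseHTTP versions
    sys_version = ""
    timeout = 5                     # drop clients that stall mid-request

    def _notice(self, with_body=True):
        # Drain a bounded request body so closing the socket does not reset it.
        try:
            length = int(self.headers.get("Content-Length", 0))
        except ValueError:
            length = 0
        self.rfile.read(max(0, min(length, 65536)))
        # Same fixed response for every path: no file access, no echoed input.
        self.send_response(403)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.send_header("Content-Length", str(len(BAN_PAGE)))
        self.send_header("Cache-Control", "no-store")
        self.send_header("Connection", "close")
        self.end_headers()
        if with_body:
            self.wfile.write(BAN_PAGE)

    def do_GET(self):
        self._notice()

    def do_POST(self):
        self._notice()

    def do_HEAD(self):
        self._notice(with_body=False)

    def log_message(self, fmt, *args):
        pass  # keep stderr quiet; the ban is logged elsewhere

def make_server(port=8080, host="0.0.0.0"):
    # 8080 matches --to-port in the answer's REDIRECT rule.
    return ThreadingHTTPServer((host, port), BanNoticeHandler)

if __name__ == "__main__":
    make_server().serve_forever()
```

Connections redirected from port 443 arrive as TLS, which this plain-HTTP listener cannot answer, so HTTPS clients see a handshake error instead of the page unless a TLS-capable listener serves that traffic.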
