Use IPSet to Block Multiple IPs

Instead of adding each IP address that needs to be blocked to IPTables individually, it is easier to maintain a single blacklist using IPSet and reference it from IPTables.

Install IPSet

Create the blacklist list

Tell IPTables to reference the newly created list

Add an IP to the list to test

Output the list

Expected output

Make ipset rules permanent by creating a config file

Ensure the rules are restored on reboot by adding the following to /etc/rc.local
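
The steps above as one script. This is an added example, not code from the original page, and it goes one step further by validating a plain-text list of addresses before loading it. Assumptions: the set name blacklist, the hash:net set type, the path /etc/ipset.conf, a DROP rule on the INPUT chain, and the helper names valid_ipv4, build_restore and apply_blacklist.

```shell
#!/bin/sh
# Added example: the names and paths below are assumptions, not from the page.
SET_NAME=blacklist       # set that the iptables rule references
CONF=/etc/ipset.conf     # assumed location of the saved set

# Accept only a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4() {
    addr=${1%/*}
    case $1 in */*) len=${1#*/} ;; *) len=32 ;; esac
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "${#len}" -le 2 ] && [ "$len" -le 32 ] || return 1
    case $addr in *[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read one entry per line on stdin ('#' starts a comment) and print the
# same line format that 'ipset save' writes and 'ipset restore' reads.
# Invalid lines are reported on stderr and never reach the output.
build_restore() {
    printf 'create %s hash:net family inet\n' "$SET_NAME"
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' | LC_ALL=C sort -u |
    while IFS= read -r entry; do
        if valid_ipv4 "$entry"; then
            printf 'add %s %s\n' "$SET_NAME" "$entry"
        else
            printf 'skipped invalid entry: %s\n' "$entry" >&2
        fi
    done
}

# Needs root and the ipset package installed from the distribution.
apply_blacklist() {
    build_restore < "$1" > "$CONF"      # the permanent config file
    ipset -exist restore < "$CONF"      # create the set and add the entries
    # Add the DROP rule only if it is not already present.
    iptables -C INPUT -m set --match-set "$SET_NAME" src -j DROP 2>/dev/null ||
        iptables -I INPUT -m set --match-set "$SET_NAME" src -j DROP
    ipset list "$SET_NAME"              # output the list to confirm
}

if [ "${1:-}" = apply ]; then
    apply_blacklist "$2"
fi
```

Run it as root with `apply` and the path of the list file. In /etc/rc.local, `ipset -exist restore < /etc/ipset.conf` has to run before any iptables rules that reference the set are loaded, because iptables rejects a rule whose set does not exist yet.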
