0

I'm currently using iptables to block access to known ip ranges used by spam servers (specifically Ubiquity servers). My concern is that over time I know that ip ranges can change hands and I don't want the possibility of ever blocking legitimate users.

Rather than just drop the connection via -j DROP is it possible to direct that IP range to a single webpage that would say something like "We think you're a spammer. If you're not please email us"? Can this be done via iptables? Or do I need to use htaccess for this?

Improve this question

1 Answer 1

Reset to default
0

This can be done with iptable. For example, you can DNAT them to another public IP on a server hosting the single webpage.

Improve this answer
2
  • could you possibly give me an example rule that would do that? Commented Aug 17, 2012 at 22:05
  • I have not anymore since I stopped using iptable but if you add -s 1.2.3.4 and --dport 80, 1.2.3.4 being the ip of the spammer, you can try using example #1 of chapter 6.2 netfilter.org/documentation/HOWTO/NAT-HOWTO-6.html Commented Aug 17, 2012 at 22:19

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.