A fairly cheap and somewhat protective way to block IPs!
--------------------------------
(I do not guarantee it is a permanent way to block, as no device connected to the internet is safe!)
Here is something you might want:
Buy a fairly cheap old Linksys G router and set up the "DMZ"/port forward from the old router to your current router, as shown in this network diagram:
ISP internet > DD-WRT router > current router
The DD-WRT router would then be a "firewall router".
So:
BLOCK INCOMING IP USING DD-WRT (IPTABLES)
First, log in to the DD-WRT router.
(*If SSH access is available, you can test the commands via option > my firewall via SSH to get a rule in place immediately:)
Command:
iptables -I CHAIN -s xxx.xxx.xxx.xxx -j DROP
Listing the rules:
Command:
iptables -L --line-numbers
which will show something like this:
1 DROP 0 -- ppp-xxx.xxx.xxx.xxx.revip.proen.co.th anywhere
(If the commands were only added via SSH, the rule will be gone when your router restarts!)
--------------------
So we need to save our command:
iptables -I CHAIN -s xxx.xxx.xxx.xxx -j DROP
--------------------
Open your router's web GUI:
xxx.xxx.xxx.xxx/Diagnostics.asp
(Administration > Commands)
iptables -I CHAIN -s xxx.xxx.xxx.xxx -j DROP
Click the “Save Firewall” button.
That's it, this guarantees that upon reboot the DD-WRT firewall will not let the IP address in!
-----As I'm currently testing this as I write it--------
I went ahead and rebooted to confirm the new rule was loaded at startup.
No more auth attempts from that IP.
NOTE 1: This method will drop ALL TRAFFIC from the listed IP. Play for keeps!
NOTE 2: If this is your Public IP, you need to check yo’ self before you wreck yo’ self…
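An added example (not part of the original post): a small script to run on your own machine that turns a list of addresses into the lines for the Commands box, skipping anything that is not a valid IPv4 address and refusing to block your own address (NOTE 2). The function names, the INPUT chain and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints iptables lines to paste into Administration > Commands.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # No leading zeros (some parsers read them as octal), max 3 digits.
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_block_rules CHAIN OWN_IP ADDR...
# stdout: rules for validated addresses only. stderr: what was skipped.
# Returns 1 if anything was skipped, 2 if CHAIN is not a plain chain name.
gen_block_rules() {
    chain=$1; own_ip=$2; shift 2
    case "$chain" in ''|*[!A-Za-z0-9_-]*) return 2 ;; esac
    rc=0
    for ip in "$@"; do
        if ! valid_ipv4 "$ip"; then
            echo "skipped, not an IPv4 address" >&2; rc=1
        elif [ "$ip" = "$own_ip" ]; then
            echo "skipped, this is your own address: $ip" >&2; rc=1
        else
            # Delete any earlier copy first so re-running never stacks duplicates.
            echo "iptables -D $chain -s $ip -j DROP 2>/dev/null"
            echo "iptables -I $chain -s $ip -j DROP"
        fi
    done
    return $rc
}

# Constructed sample input (documentation addresses); INPUT is an assumed chain.
gen_block_rules INPUT 198.51.100.7 203.0.113.45 198.51.100.7 999.1.1.1 || true
```

Only the lines printed on stdout go into the Commands box; rejected input is reported on stderr and never reaches the router.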
DD-WRT iptables commands:
http://www.dd-wrt.com/wiki/index.php/Iptables_command