How to Block an IP Range with IPTables

If you want to block a range of IP addresses from accessing your CentOS server you can issue the following IPTables firewall command:

/sbin/iptables -I INPUT -m iprange --src-range 192.168.1.1-192.168.1.2.100 -j DROP

Replace “192.168.1.1-192.168.1.2.100” with the IP range you want to block. This command only works with the IPTables firewall so if your operating system is using a different firewall then this command will not work.

Here is another example which uses CIDR notation to specify the IP range:

/sbin/iptables -I INPUT -s 192.168.1.1/25 -j DROP

If you restart your server, the drop command will be removed. If you want this command to persist through reboots, then you’ll need to add it to a startup script.

How to Remove Saved SSL Certificates in Filezilla

If you have Filezilla installed in Windows XP delete the following user specific file:

\Documents and Settings\UserName\Application Data\FileZilla\trustedcerts.xml

Replace “UserName” with the username of the user account that was running the Filezilla program when the SSL certificates were saved.

If you have Filezilla installed in Vista delete the following file:

C:\Program Files (x86)\FileZilla\Trusted Certs.dat

Change “C:\Program Files (x86)\FileZilla\” to the directory you installed Filezilla to if you did not go with the default installation location.

SSL Certificate
SSL Certificate

PHP Parse error: syntax error, unexpected $end

The following error may appear in your Apache error log file or displayed on a PHP web page:

Parse Error: syntax error, unexpected $end in ….. scripts.php on line …

If you are running PHP 5 then that means you probably need to enable the PHP configuration file option “short_open_tag”. In your php.ini file enable the option as follows:

short_open_tag = On

Portecle Error: Could not load keystore as type PKCS12

If you encounter the error

net.sf.portecle.crypto.CryptoException: Could not load keystore as type PKCS12

while trying to open an OpenSSL created PKCS12 type keystore file, that means you need to install the Java Unlimited Strength Jurisdiction Policy files into your JAVA runtime environment. Due to U.S. export restrictions, practically all JAVA runtime environments are crippled such that they cannot utilize high encryption algorithms. You must manually install the “Unlimited Strength Jurisdiction Policy” files from the JAVA homepage and install them into your JAVA runtime environment.

You can download the “Unlimited Strength Jurisdiction Policy” files from the official JAVA download site: http://java.sun.com/javase/downloads/

Usually the policy files are installed into the ./lib/security subdirectory of your JAVA runtime environment directory.