Syntax to block an IP address under Linux using IP tables:

iptables -A INPUT -s 123.45.67.89 -j DROP

Replace 123.45.67.89 with the IP in which you would like blocked.

  • For example, if you wish to block IP address 123.45.67.89

iptables -A INPUT -s 123.45.67.89 -j DROP

  • If you just want to block access to one port from IP 123.45.67.89, say, port 22:

iptables -A INPUT -s 123.45.67.89 -p tcp --destination-port 22 -j DROP

Listing IP tables rules by specification

To list out all of the active iptables rules by specification, run the iptables command with the -S option:

iptables -S

List Rules as Tables

Listing the iptables rules in the table view can be useful for comparing different rules against each other.

  • To output all of the active iptables rules in a table, run the iptables command with the -L option:
    iptables -L

List existing chains with line number

Of chains (INPUTOUTPUTTCP, etc.), you can specify the chain name directly after the -L option.

iptables -L INPUT -n --line-numbers

tyler@tylermade:~# iptables -L INPUT -n --line-numbers
Chain INPUT (policy DROP)
num target prot opt source destination
1 f2b-wordpress-hard tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
2 f2b-wordpress-soft tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
3 f2b-sshd tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22
4 ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0
5 ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0
6 ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0
7 ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0
8 ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0
9 ufw-track-input all -- 0.0.0.0/0 0.0.0.0/0
10 DROP all -- 123.45.67.89 0.0.0.0/0

 

Unblock / Delete an IP Address

So now that you’ve blocked an IP address, what do you do if you want to remove the block?

We have two ways:

  • You can list the rules by number and delete the line by number

iptables -D INPUT 10

  • Or you can specify to reverse the DROP rule we just created:

iptables -D INPUT -s 123.45.67.89 -j DROP


0 Comments

Leave a Reply