19/09/2020
HomeE-LearningIptables: Unblock / Delete an IP Address Listed in IPtables Tables

Iptables: Unblock / Delete an IP Address Listed in IPtables Tables

By  E-Learning, Howtoforge, howtogeek, Tecmint, Uncategorized, Unixmen  0 Comments

Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. You can delete one or more rules from the selected chain. There are two versions of this command: the rule can be specified as a number in the chain (starting at 1 for the first rule) or a rule to match.

 

List existing chains

Type the following command to list current IPs in tables:
iptables -L -n
iptables -L -n -v
iptables -L chain-name -n -v
iptables -L spamips -n -v

List existing chains with line number

To display line number along with other information, enter:
iptables -L INPUT -n --line-numbers
iptables -L OUTPUT -n --line-numbers
iptables -L OUTPUT -n --line-numbers | less
iptables -L spamips -n -v --line-numbers
iptables -L spamips -n -v --line-numbers | grep 202.54.1.2

Chain droplist (3 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 LOG        0    --  *      *       116.199.128.0/19     0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block' 
2        0     0 DROP       0    --  *      *       116.199.128.0/19     0.0.0.0/0           
3        0     0 LOG        0    --  *      *       116.50.8.0/21        0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block' 
4        0     0 DROP       0    --  *      *       116.50.8.0/21        0.0.0.0/0           
5        0     0 LOG        0    --  *      *       128.199.0.0/16       0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block' 
6        0     0 DROP       0    --  *      *       128.199.0.0/16       0.0.0.0/0           
7        0     0 LOG        0    --  *      *       132.232.0.0/16       0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block' 
8        0     0 DROP       0    --  *      *       132.232.0.0/16       0.0.0.0/0           
9      342 23317 LOG        0    --  *      *       134.175.0.0/16       0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block' 
10     342 23317 DROP       0    --  *      *       134.175.0.0/16       0.0.0.0/0           
11       0     0 LOG        0    --  *      *       134.33.0.0/16        0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DR

You will get the list of all blocked IP. Look at the number on the left, then use number to delete it. For example delete line number 10 (subner 134.175.0.0/16), enter:
iptables -D INPUT 10
You can also use the following syntax to delete / unblock an IP use the following syntax:
iptables -D INPUT -s xx.xxx.xx.xx -j DROP
iptables -D INPUT -s xx.xxx.xx.xx/yy -j DROP
iptables -D spamlist -s 202.54.1.2 -d 0/0 -j DROP
iptables -D spamlist -s 202.54.1.2/29 -d 0/0 -j DROP

Finally, make sure you save the firewall. Under CentOS / Fedora / RHEL / Redhat Linux type the following command:
# service iptables save
On a related note I recommend getting a good Linux command line and netfilter Firewall (iptables) book to understand all technical mumbo jumbo.

 

 

Here an example of an advanced IPTABLE function that you can create :

 

Read log and block any user calling a db.php file

for i in $(cat access_log | grep db.php | awk '{print $1}' | sort -u); do iptables -I INPUT -s $i -j DROP; done

 

 

Source : Cybercity

Tags:, , , , ,

Related Posts

About Author

adminus

Linux Windows & Networks System Administrator with some years of professional working experiance in the IT field. This is my personal blog where I make some notes and memo's on interesting materials.

Add a Comment