macmladen · January 30, 2025 03:32
diff --git a/lll b/lll
 ## [Quick How-To deny/allow IP using iptables](http://safesrv.net/quick-how-to-denyallow-ip-using-iptables/)

 23 Jan 2012

 How to block an IP using iptables?

 `$ iptables -A INPUT -s xx.xx.xx.xx -j DROP`

 How to block an IP for a specific port:

 `$ iptables -A INPUT -p tcp -s xx.xx.xx.xx --dport PORT -j DROP`

 How to allow access to an IP?

 `$ iptables -A INPUT -s xx.xx.xx.xx -j ACCEPT`

 How to allow access to an IP to a specific port using iptables?

 `$ iptables -A INPUT -p tcp -s xx.xx.xx.xx --dport PORT -j ACCEPT`

 where, xx.xx.xx.xx is the remote IP address and PORT is the port number you wish to allow/deny access to.

 How to block a scanner on your server for example “w00tw00t.at.ISC.SANS” using iptables?

 `$ iptables -I INPUT -p tcp --dport 80 -m string --algo bm  --string 'GET /w00tw00t.at.ISC.SANS.' -j DROP`

 ## [Iptables: Unblock / Delete an IP Address Listed in IPtables Tables](http://www.cyberciti.biz/faq/iptables-delete-ip-address-subnet-from-linux-firewall/)

 by NIXCRAFT on JANUARY 23, 2009
 LAST UPDATED FEBRUARY 15, 2011
 in BASH SHELL, CENTOS, DEBIAN / UBUNTU

 I am a brand new user of a Linux iptables and I can't find how to instruct my iptables to delete or unblock an IP address listed in iptables firewall. I'm using Debian Linux version. Can you help please?

 Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. You can delete one or more rules from the selected chain. There are two versions of this command: the rule can be specified as a number in the chain (starting at 1 for the first rule) or a rule to match.

 List existing chains

 ```
 Type the following command to list current IPs in tables:
 iptables -L -n
 iptables -L -n -v
 iptables -L chain-name -n -v
 iptables -L spamips -n -v
 ```

 List existing chains with line number

 ```
 To display line number along with other information, enter:
 iptables -L INPUT -n --line-numbers
 iptables -L OUTPUT -n --line-numbers
 iptables -L OUTPUT -n --line-numbers | less
 iptables -L spamips -n -v --line-numbers
 iptables -L spamips -n -v --line-numbers | grep 202.54.1.2
 ```

 ```
 Chain droplist (3 references)
 num   pkts bytes target     prot opt in     out     source               destination
 1        0     0 LOG        0    --  *      *       116.199.128.0/19     0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block'
 2        0     0 DROP       0    --  *      *       116.199.128.0/19     0.0.0.0/0
 3        0     0 LOG        0    --  *      *       116.50.8.0/21        0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block'
 4        0     0 DROP       0    --  *      *       116.50.8.0/21        0.0.0.0/0
 5        0     0 LOG        0    --  *      *       128.199.0.0/16       0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block'
 6        0     0 DROP       0    --  *      *       128.199.0.0/16       0.0.0.0/0
 7        0     0 LOG        0    --  *      *       132.232.0.0/16       0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block'
 8        0     0 DROP       0    --  *      *       132.232.0.0/16       0.0.0.0/0
 9      342 23317 LOG        0    --  *      *       134.175.0.0/16       0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DROP Block'
 10     342 23317 DROP       0    --  *      *       134.175.0.0/16       0.0.0.0/0
 11       0     0 LOG        0    --  *      *       134.33.0.0/16        0.0.0.0/0           LOG flags 0 level 4 prefix `LASSO DR
 ```

 You will get the list of all blocked IP. Look at the number on the left, then use number to delete it. For example delete line number 10 (subner 134.175.0.0/16), enter:

 `$ iptables -D INPUT 10`

 You can also use the following syntax to delete / unblock an IP use the following syntax:

 ```
 iptables -D INPUT -s xx.xxx.xx.xx -j DROP
 iptables -D INPUT -s xx.xxx.xx.xx/yy -j DROP
 iptables -D spamlist -s 202.54.1.2 -d 0/0 -j DROP
 iptables -D spamlist -s 202.54.1.2/29 -d 0/0 -j DROP
 ```

 Finally, make sure you save the firewall. Under CentOS / Fedora / RHEL / Redhat Linux type the following command:
 `$ service iptables save`
	## [Quick How-To deny/allow IP using iptables](http://safesrv.net/quick-how-to-denyallow-ip-using-iptables/)

	23 Jan 2012

	How to block an IP using iptables?

	`$ iptables -A INPUT -s xx.xx.xx.xx -j DROP`

	How to block an IP for a specific port:

	`$ iptables -A INPUT -p tcp -s xx.xx.xx.xx --dport PORT -j DROP`

	How to allow access to an IP?

	`$ iptables -A INPUT -s xx.xx.xx.xx -j ACCEPT`

	How to allow access to an IP to a specific port using iptables?

	`$ iptables -A INPUT -p tcp -s xx.xx.xx.xx --dport PORT -j ACCEPT`

	where, xx.xx.xx.xx is the remote IP address and PORT is the port number you wish to allow/deny access to.

	How to block a scanner on your server for example “w00tw00t.at.ISC.SANS” using iptables?

	`$ iptables -I INPUT -p tcp --dport 80 -m string --algo bm --string 'GET /w00tw00t.at.ISC.SANS.' -j DROP`

	## [Iptables: Unblock / Delete an IP Address Listed in IPtables Tables](http://www.cyberciti.biz/faq/iptables-delete-ip-address-subnet-from-linux-firewall/)

	by NIXCRAFT on JANUARY 23, 2009
	LAST UPDATED FEBRUARY 15, 2011
	in BASH SHELL, CENTOS, DEBIAN / UBUNTU

	I am a brand new user of a Linux iptables and I can't find how to instruct my iptables to delete or unblock an IP address listed in iptables firewall. I'm using Debian Linux version. Can you help please?

	Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. You can delete one or more rules from the selected chain. There are two versions of this command: the rule can be specified as a number in the chain (starting at 1 for the first rule) or a rule to match.

	List existing chains

	```
	Type the following command to list current IPs in tables:
	iptables -L -n
	iptables -L -n -v
	iptables -L chain-name -n -v
	iptables -L spamips -n -v
	```

	List existing chains with line number

	```
	To display line number along with other information, enter:
	iptables -L INPUT -n --line-numbers
	iptables -L OUTPUT -n --line-numbers
	iptables -L OUTPUT -n --line-numbers \| less
	iptables -L spamips -n -v --line-numbers
	iptables -L spamips -n -v --line-numbers \| grep 202.54.1.2
	```

	```
	Chain droplist (3 references)
	num pkts bytes target prot opt in out source destination
	1 0 0 LOG 0 -- * * 116.199.128.0/19 0.0.0.0/0 LOG flags 0 level 4 prefix `LASSO DROP Block'
	2 0 0 DROP 0 -- * * 116.199.128.0/19 0.0.0.0/0
	3 0 0 LOG 0 -- * * 116.50.8.0/21 0.0.0.0/0 LOG flags 0 level 4 prefix `LASSO DROP Block'
	4 0 0 DROP 0 -- * * 116.50.8.0/21 0.0.0.0/0
	5 0 0 LOG 0 -- * * 128.199.0.0/16 0.0.0.0/0 LOG flags 0 level 4 prefix `LASSO DROP Block'
	6 0 0 DROP 0 -- * * 128.199.0.0/16 0.0.0.0/0
	7 0 0 LOG 0 -- * * 132.232.0.0/16 0.0.0.0/0 LOG flags 0 level 4 prefix `LASSO DROP Block'
	8 0 0 DROP 0 -- * * 132.232.0.0/16 0.0.0.0/0
	9 342 23317 LOG 0 -- * * 134.175.0.0/16 0.0.0.0/0 LOG flags 0 level 4 prefix `LASSO DROP Block'
	10 342 23317 DROP 0 -- * * 134.175.0.0/16 0.0.0.0/0
	11 0 0 LOG 0 -- * * 134.33.0.0/16 0.0.0.0/0 LOG flags 0 level 4 prefix `LASSO DR
	```

	You will get the list of all blocked IP. Look at the number on the left, then use number to delete it. For example delete line number 10 (subner 134.175.0.0/16), enter:

	`$ iptables -D INPUT 10`

	You can also use the following syntax to delete / unblock an IP use the following syntax:

	```
	iptables -D INPUT -s xx.xxx.xx.xx -j DROP
	iptables -D INPUT -s xx.xxx.xx.xx/yy -j DROP
	iptables -D spamlist -s 202.54.1.2 -d 0/0 -j DROP
	iptables -D spamlist -s 202.54.1.2/29 -d 0/0 -j DROP
	```

	Finally, make sure you save the firewall. Under CentOS / Fedora / RHEL / Redhat Linux type the following command:
	`$ service iptables save`