How to whitelist an IP in iptables when it is already blocked there?

postcd

Guest
Hello,

Some application is repeatedly blocking my IP in iptables (I don't know what its motive is or which application it is).

It always adds it at the start of the INPUT chain. Here is the whole INPUT chain:

Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 DROP all -- my-ip-here.myprovider.tld anywhere
2 ACCEPT all -- my-ip-here.myprovider.tld anywhere
3 ACCEPT all -- anywhere anywhere
4 DROP all -- some-other-ip-i-want-to-block anywhere
In this state I'm blocked. So, considering that the IP is added at the beginning of the chain, which exact command can I use to add a rule that will always override that first DROP rule for my IP? Thank you in advance.
 


Rodrigo

Guest
I know this is an old post, but it may help someone else.

You can try this:
Code:
iptables -I INPUT 1 -i <Interface> --src <ipaddress> -j ACCEPT
iptables -I OUTPUT 1 -o <Interface> --dst <ipaddress> -j ACCEPT
If you are using fail2ban you can set a white
 

HostechSupport

New Member
If you read the man page of iptables, you can see the -A means ACCEPT and the -D means DELETE... and also a -L for LINE number, which allows you to delete a specific rule. Add them up, and you get something like:
iptables -A INPUT -i interface -p tcp --dport destination-port -j ACCEPT

...becomes...

iptables -D INPUT -i interface -p tcp --dport destination-port -j ACCEPT

...OR...

iptables -L INPUT --line-numbers

...which will output the INPUT rules with line numbers. Based on that, if you would like to delete the second rule:

iptables -D INPUT 2
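
An added example, not part of any post in this thread: iptables acts on the first matching ACCEPT or DROP rule, so in the listing from the question the DROP at position 1 wins over the ACCEPT at position 2. The script below reads such a listing, reports which rule decides an address, and prints the delete-by-number commands highest number first, so one deletion does not renumber the rules still to be deleted. The function names and sample listing are constructed, and it assumes the listing was taken with -n and without -v.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes a listing produced by
#   iptables -n -L INPUT --line-numbers
# (no -v), so the columns are: num target prot opt source destination.

# Constructed sample; 203.0.113.7 and 198.51.100.9 are documentation addresses.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  203.0.113.7          0.0.0.0/0
2    ACCEPT     all  --  203.0.113.7          0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    DROP       all  --  198.51.100.9         0.0.0.0/0
5    DROP       tcp  --  203.0.113.7          0.0.0.0/0            tcp dpt:22
EOF
}

# Numbers of DROP/REJECT rules whose source is exactly $1, highest first,
# so deleting one never shifts the numbers of the ones still pending.
blocking_rules() {
    awk -v ip="$1" '
        $1 ~ /^[0-9]+$/ && ($2 == "DROP" || $2 == "REJECT") && $5 == ip { print $1 }
    ' | sort -rn
}

# Turn those numbers into delete-by-number commands to review before running.
delete_commands() {
    blocking_rules "$1" | while read -r n; do
        echo "iptables -D INPUT $n"
    done
}

# First-match check: the first unconditional rule (prot "all", no extra
# match options) that applies to $1, printed as "number:target".
first_verdict() {
    awk -v ip="$1" '
        $1 ~ /^[0-9]+$/ && $3 == "all" && NF == 6 && ($5 == ip || $5 == "0.0.0.0/0") {
            print $1 ":" $2; exit
        }
    '
}

sample_listing | delete_commands 203.0.113.7
```

On a live host, replace `sample_listing` with the real listing command; if whatever inserted the DROP is still running, it will add the rule again after deletion.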
 
