How to whitelist IP in the iptables while it is already there blocked?

Discussion in 'Server Security' started by postcd, Feb 19, 2016.

  1. postcd

    postcd Guest

    Hello,

    Some application is repeatedly blocking my IP in iptables (I don't know what its motive is or which one it is).

    It always adds it at the start of the INPUT chain. Here is the whole INPUT chain:




    In this state I'm blocked. So, considering the IP is added at the beginning of the chain, which exact command can I use to add a rule that will always override that first DROP rule for my IP? Thank you in advance.
     
  2. Rodrigo

    Rodrigo Guest

    I know this is an old post, but it may help someone else.

    You can try this:
    Code:
    iptables -I  INPUT 1 -i <Interface> --src <ipaddress> -j ACCEPT
    iptables -I  OUTPUT 1 -o <Interface> --dst <ipaddress> -j ACCEPT
    If you are using fail2ban you can set a white
     
    1 person likes this.
  3. HostechSupport

    HostechSupport New Member

    If you read the man page of iptables, you can see the -A means ACCEPT and the -D means DELETE, and also a -L for LINE number, which allows you to delete a specific rule. Add them up, and you get something like:
    iptables -A INPUT -i interface -p tcp --dport destination-port -j ACCEPT

    ...becomes...

    iptables -D INPUT -i interface -p tcp --dport destination-port -j ACCEPT

    ...OR...

    iptables -L INPUT --line-numbers

    ...which will output the INPUT rules with line numbers. Based on that, if you would like to delete the second rule:

    iptables -D INPUT 2
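
Added example, not part of any post in this thread: iptables stops at the first rule that matches, so the position of an ACCEPT relative to the DROP for the same address decides the outcome. The script below runs that check over a constructed `iptables -S INPUT` dump and simulates the effect of `iptables -I INPUT 1`; the function names, the sample rules and the address 203.0.113.7 are assumptions, and only exact `-s IP/32` rules are considered.

```shell
#!/bin/sh
# Constructed sample of `iptables -S INPUT` output (not from the thread):
# a DROP for the client sits at the top, an ACCEPT was appended at the end.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -s 203.0.113.7/32 -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 203.0.113.7/32 -j ACCEPT'

# first_verdict IP: read `iptables -S INPUT` text on stdin and print
# "<rule-number> <target>" for the first rule whose source is IP/32 and whose
# target is terminating, or "none". Assumption: wider CIDR rules, negated
# sources and rules without -s are ignored.
first_verdict() {
    awk -v want="$1/32" '
        $1 == "-A" {
            n++                          # same numbering as --line-numbers
            src = ""; tgt = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s" && $(i - 1) != "!") src = $(i + 1)
                if ($i == "-j") tgt = $(i + 1)
            }
            if (src == want && (tgt == "ACCEPT" || tgt == "DROP" || tgt == "REJECT")) {
                print n, tgt; found = 1; exit
            }
        }
        END { if (!found) print "none" }'
}

# insert_top IP: emit the rule list from stdin as it would look after
# `iptables -I INPUT 1 -s IP -j ACCEPT` (simulation only, no firewall change).
insert_top() {
    awk -v rule="-A INPUT -s $1/32 -j ACCEPT" '
        $1 == "-A" && !ins { print rule; ins = 1 }
        { print }
        END { if (!ins) print rule }'
}

# Before: the appended ACCEPT at rule 4 is never reached.
printf '%s\n' "$SAMPLE_RULES" | first_verdict 203.0.113.7
# After inserting at position 1: the ACCEPT is evaluated first.
printf '%s\n' "$SAMPLE_RULES" | insert_top 203.0.113.7 | first_verdict 203.0.113.7
```

On a live host the same check is `iptables -S INPUT | first_verdict <ipaddress>`, run as root. If the blocking application inserts its DROP at the start of the chain again, the result goes back to DROP, so the rule number it reports is the one to pass to `iptables -D INPUT <n>`.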
     
