Wednesday, March 3, 2010

Iptables Find / Check Banned IP Address

Linux: Iptables Find / Check Banned IP Address


How do I find or check IP's that are currently banned using iptables command in Linux? How do I verify that IP address 1.2.3.4 is banned or not in Linux?

The correct syntax to block an IP address under Linux using iptables is as follows:
 
/sbin/iptables -A INPUT -s BAN-IP-ADDRESS -j DROP
/sbin/iptables -A INPUT -s BAN-IP-ADDRESS/MASK -j DROP
 
Open a command-line terminal (select Applications > Accessories > Terminal), or login to remote server using the ssh and then type the following command block an ip address 1.2.3.4 as follows:

# /sbin/iptables -A INPUT -s 65.55.44.100 -j DROP

To view blocked IP address, enter:

# iptables -L INPUT -v -n

OR

# iptables -L INPUT -v -n | less

Task: Check Banned IP's Linux

Use the grep command as follows to verify that an IP address 1.2.3.4 is blocked or not:

# iptables -L INPUT -v -n | grep "1.2.3.4"

How Do I Delete or Unblock IP Address 1.2.3.4?

Use the following syntax to delete or unblock an IP address under Linux, enter:

# iptables -D INPUT -s 1.2.3.4 -j DROP

Finally, make sure you save the firewall:

# service iptables save
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)