How do I deny incoming access to a specific IP address using linux iptables?
iptables is the command used to set up firewall rules on Linux for IPv4 packet filtering and NAT. These are just a few commands; see the iptables man page for more details.
To list the firewall rules on all chains (INPUT, FORWARD and OUTPUT):
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       tcp  --  anywhere             10.x.x.x             tcp dpt:ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
If you also want packet and byte counters, use the numeric verbose listing (-n skips name resolution, so addresses and ports are shown as numbers):
# iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 18M packets, 2016M bytes)
 pkts bytes target     prot opt in     out     source               destination
   48 14784 DROP       tcp  --  *      *       0.0.0.0/0            10.x.x.x             tcp dpt:22
Add a firewall rule that drops ssh (port 22) traffic destined for IP address 10.x.x.x. Note that -d matches the destination address, i.e. the local address being protected, and -I inserts the rule at the top of the INPUT chain so it is evaluated before any existing rules:
# iptables -I INPUT -p tcp -d 10.x.x.x -m tcp --destination-port 22 -j DROP
Save the rules to a file so they survive a reboot (this is the path the iptables service reads on RHEL/CentOS-style systems; other distributions use a different location):
# iptables-save > /etc/sysconfig/iptables
To delete a rule, first list the rules with their line numbers:
# iptables -L INPUT --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       tcp  --  anywhere             10.x.x.x             tcp dpt:ssh
Then use the following command to delete the rule:
# iptables -D INPUT 1
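The list / insert / delete steps above, wrapped in shell helpers as an added example (not code from the original page): rule_spec builds the one rule specification shared by -C, -I and -D, find_rule_num extracts the line number from a numeric listing, and block_port uses -C so re-running it does not stack duplicate rules. The listing is a constructed sample of `iptables -L INPUT -n --line-numbers` output, and the 10.1.2.x addresses are placeholders.

```shell
#!/bin/sh
# Added example, not part of the original page. SAMPLE_LISTING is constructed
# sample output of `iptables -L INPUT -n --line-numbers` (numeric output, so
# ports and addresses are not resolved to names); it was not captured from a host.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    DROP       tcp  --  0.0.0.0/0            10.1.2.3             tcp dpt:22
3    DROP       tcp  --  0.0.0.0/0            10.1.2.4             tcp dpt:22'

# rule_spec DEST PORT -> the match/target arguments shared by -C, -I and -D.
# -d matches the destination (the local address being protected); -s would
# match a remote source address instead.
rule_spec() {
  printf '%s' "-p tcp -d $1 -m tcp --dport $2 -j DROP"
}

# find_rule_num LISTING DEST PORT -> prints the number of the DROP rule for
# DEST:PORT in a numeric listing (exit status 1 when absent), for use with -D.
find_rule_num() {
  printf '%s\n' "$1" | awk -v dst="$2" -v port="$3" '
    NR > 2 && $2 == "DROP" && $3 == "tcp" && $6 == dst && $NF == ("dpt:" port) {
      print $1; found = 1; exit
    }
    END { exit found ? 0 : 1 }'
}

# block_port DEST PORT: insert the rule only if -C reports it is not already
# present, so running the script twice does not add a duplicate (needs root).
block_port() {
  # shellcheck disable=SC2046  # word splitting of rule_spec output is intended
  iptables -C INPUT $(rule_spec "$1" "$2") 2>/dev/null ||
    iptables -I INPUT $(rule_spec "$1" "$2")
}

# unblock_port DEST PORT: delete by specification rather than by line number,
# so the command stays correct even after other rules have shifted positions.
unblock_port() {
  # shellcheck disable=SC2046
  iptables -D INPUT $(rule_spec "$1" "$2")
}

# Offline demonstration against the constructed listing (no iptables needed):
find_rule_num "$SAMPLE_LISTING" 10.1.2.4 22   # prints 3
```

block_port and unblock_port call iptables and therefore need root on a real host; find_rule_num and rule_spec run anywhere.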
© Lightnetics 2024