How to block and unblock IP addresses using iptables
Right, so straight out, how do you block and unblock IP addresses on a server? Beginners stumble on this a lot; they believe that using a GUI to manage their server is much better and safer (in a way I do agree, most control panels have certain security measures that prevent doing a stupid thing). However, working at a low level through a GUI is not the best approach, especially when working with firewalls.
It is better to use the standard firewall client from the CLI (command-line interface) to manage the firewall rules on your server.
What is iptables?
Well for those who really wish to know in real detail, kindly follow:
http://en.wikipedia.org/wiki/Iptables
In a few words, iptables are *tables* containing firewall rules provided by the Linux kernel firewall.
How do you block an IP address:
If you wish to block an IP address that tries to connect to your server, you can use the example command:
    /usr/sbin/iptables -A INPUT -s *IP-ADDRESS-TO-BLOCK* -j DROP
    /usr/sbin/iptables -A INPUT -s 23.24.25.1 -j DROP
How do you unblock an IP address:
Well this is a bit similar, only instead of adding a firewall rule, you delete the firewall rule, for example:
    /usr/sbin/iptables -D INPUT -s *IP-ADDRESS-TO-BLOCK* -j DROP
    /usr/sbin/iptables -D INPUT -s 23.24.25.1 -j DROP
And that is all. However, please keep in mind that the rules take effect immediately: if you do not set them properly, you risk blocking your own access or restricting certain services on your server.
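To reduce the lock-out risk mentioned above, the two commands can be wrapped in guarded functions. This is an added example, not part of the original post; the function names, the `IPTABLES` override and the `fwblock.sh` file name are assumptions, and the self-block guard only covers a direct SSH session (it relies on the `SSH_CLIENT` variable set by sshd).

```shell
#!/bin/sh
# Added example: guarded wrappers around the article's -A / -D commands.
# Function names and the IPTABLES override are assumptions of this sketch.
IPTABLES=${IPTABLES:-/usr/sbin/iptables}

valid_ipv4() {
    # Reject empty input, non-digit/dot characters and empty octets.
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

block_ip() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    # SSH_CLIENT is set by sshd as "client_ip client_port server_port".
    own=${SSH_CLIENT:-}; own=${own%% *}
    if [ "$1" = "$own" ]; then
        echo "refusing to block $1: it is your own SSH session" >&2
        return 3
    fi
    # -C tests whether an identical rule exists, so repeated calls
    # do not stack duplicate DROP rules.
    if "$IPTABLES" -C INPUT -s "$1" -j DROP 2>/dev/null; then
        echo "$1 is already blocked"; return 0
    fi
    "$IPTABLES" -A INPUT -s "$1" -j DROP
}

unblock_ip() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    removed=0
    # -D deletes only the first matching rule; loop until none remain.
    while "$IPTABLES" -C INPUT -s "$1" -j DROP 2>/dev/null; do
        "$IPTABLES" -D INPUT -s "$1" -j DROP || return 1
        removed=$((removed + 1))
    done
    echo "removed $removed rule(s) for $1"
}

# Usage (as root): sh fwblock.sh block 23.24.25.1 | sh fwblock.sh unblock 23.24.25.1
case "${1:-}" in
    block)   block_ip "${2:-}" ;;
    unblock) unblock_ip "${2:-}" ;;
esac
```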