HOW TO: Check if IP is blocked from IPtables
Checking if an IP is blocked in IPTABLES
Iptables is a program that utilizes policy chains to configure the IP packet filter rules of Linux kernel firewall in order to allow or block traffic. For instance, this firewall can be installed to your Linux Dedicated or Virtual Server to secure your server workloads. Let’s say if a user attempts to SSH into your server, iptables will try to match the IP address and port to a rule in the input chain.
Check if IP is blocked:
iptables -L -n –line | grep [IP Address]
If IP appear as DROP or REJECT, the IP in the IPTable has been blocked
Therefore, you would need to unblock the IP Address:
iptables -I INPUT -s [IP Address] -j ACCEPT
And this is how to block back an IP Address:
iptables -A INPUT -d [IP Address] -j DROP
service iptables save
===============================================================
To unblock an IP from the CSF from SSH, please follow the steps below:
Step 1 of 3
Firstly, to check if the CSF has blocked the IP, please execute the following command:
csf -g IP_address
Note: IP_address being the specific IP you wish to check.
Step 2 of 3
Secondly, if the IP is denied and you wish to remove it, please execute the following command:
csf -dr IP_address
Step 3 of 3
Lastly, to complete the process, you will need to restart CSF for the changes to take effect:
csf -r
==============================================================
Note: The ull path to IPTABLES is /sbin/iptables, but you can replace command # iptables with /sbin/iptables
Click to read-> HOW TO: Block all ports in IPtables
Also, you can visit our Knowledge Base to look for other articles.