I run CentOS on my server, and I often find that my server is being attacked by other computers. Brute force SSH attacks, port scanning, viruses scanning for the ability to spread, things like that. In this article, I’ll show you how to block an IP address on Linux server using IPTables.

The First, I’ll assume you are already using iptables. If you need help setting that up, read this article.

How do I block an IP address ?

Example I want to block incoming request from IP 1.2.3.4, login as root and type the following command

# iptables -I INPUT -s 1.2.3.4 -j DROP

Where,
– I: Inserts the chain at the top of the rules.
– s: Match source IP address.
– j: Jump to the specified target chain when the packet matches the current rule.

To drop packets coming in on interface eth0 from 1.2.3.4, type the following command

# iptables -I INPUT -i eth0 -s 1.2.3.4 -j DROP

How do I block a subnet ?

Use the following syntax to block 10.0.0.0/8

# iptables -I INPUT -s 10.0.0.0/8 -j DROP

How do I save blocked IP address ?

To save blocked IP address to iptables config file, type the following command

# service iptables save

Or

# /etc/init.d/iptables save

How Do I Unblock An IP Address?

First, you need to display blocked IP address along with line number and other information, type the following command

# iptables -L INPUT -n --line-numbers
# iptables -L INPUT -n --line-numbers | grep 1.2.3.4

Sample outputs:

Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    DROP       all  --  1.2.3.4              0.0.0.0/0
2    LOCALINPUT  all  --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     udp  --  203.162.4.1          0.0.0.0/0           udp spts:1024:65535 dpt:53

To unblock 1.2.3.4 you must delete line number 1, enter:

# iptables -D INPUT 1

The post How Do I Block An IP Address On Linux Server ? appeared first on lifeLinux: Linux Tips, Hacks, Tutorials, Ebooks.

CentOS / RedHat Linux server and by default firewall blocked out everything including telnet access. How do I allow telnet – port 23 thought Linux iptables firewall ?

Method 1:

Login as root account and type the following command

[root@lifelinux ~]# iptables -A INPUT -m state --state NEW -p tcp --dport 23 -j ACCEPT

Save rule to /etc/sysconfig/iptables

[root@lifelinux ~]# iptables-save > /etc/sysconfig/iptables

Method 2:

Login as the root user and open /etc/sysconfig/iptables file, enter:

[root@lifelinux ~]# vi /etc/sysconfig/iptables

Add the following line:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT

The final:

Save and close the file. Restart the firewall:

[root@lifelinux ~]# /etc/init.d/iptables restart

The post How To Allow Telnet Through IPTables Under Centos / RedHat appeared first on lifeLinux: Linux Tips, Hacks, Tutorials, Ebooks.