{"id":350,"date":"2020-05-28T18:11:58","date_gmt":"2020-05-29T01:11:58","guid":{"rendered":"https:\/\/SUMMALAI.COM\/?p=350"},"modified":"2020-05-28T18:11:58","modified_gmt":"2020-05-29T01:11:58","slug":"how-to-block-an-ip-by-iptables-red-hat-6-2","status":"publish","type":"post","link":"https:\/\/SUMMALAI.COM\/?p=350","title":{"rendered":"How to block an IP  by iptables (Red hat 6.2)"},"content":{"rendered":"\n<p>How to block an IP&nbsp; by iptables (Red hat 6.2)<\/p>\n\n\n\n<p>Solution 1:<\/p>\n\n\n\n<p>Adjust the config file:<\/p>\n\n\n\n<p>Vim \/etc\/sysconfig\/iptables<\/p>\n\n\n\n<p>Solution 2:<\/p>\n\n\n\n<p>Syntax to block an IP address under Linux<\/p>\n\n\n\n<p>iptables -A INPUT -s IP-ADDRESS -j DROP<\/p>\n\n\n\n<p>Replace IP-ADDRESS with your actual IP address. For example, if you wish to block an ip address 65.55.44.100 for whatever reason then type the command as follows:<br># iptables -A INPUT -s 65.55.44.100 -j DROP<br>If you have IP tables firewall script, add the above rule to your script.<\/p>\n\n\n\n<p>If you just want to block access to one port from an ip 65.55.44.100 to port 25 then type command:<br># iptables -A INPUT -s 65.55.44.100 -p tcp &#8211;destination-port 25 -j DROP<br>The above rule will drop all packets coming from IP 65.55.44.100 to port mail server port 25.<\/p>\n\n\n\n<p>CentOS \/ RHEL \/ Fedora Block An IP And Save It To Config File<\/p>\n\n\n\n<p>Type the following two command:<br># iptables -A INPUT -s 65.55.44.100 -j DROP<br># service iptables save<\/p>\n\n\n\n<p>How Do I Unblock An IP Address?<\/p>\n\n\n\n<p>Use the following syntax (the -d options deletes the rule from table):<br># iptables -D INPUT -s xx.xxx.xx.xx -j DROP<br># iptables -D INPUT -s 65.55.44.100 -j DROP<br># service iptables save<\/p>\n\n\n\n<p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<\/p>\n\n\n\n<p>Below, it is a real sample from on my web server<\/p>\n\n\n\n<p>Filename: \/etc\/sysconfig\/iptables<\/p>\n\n\n\n<p># Generated by iptables-save v1.4.7 on Fri Sep&nbsp; 9 13:20:32 2016<\/p>\n\n\n\n<p>*filter<\/p>\n\n\n\n<p>:INPUT ACCEPT [0:0]<\/p>\n\n\n\n<p>:FORWARD ACCEPT [0:0]<\/p>\n\n\n\n<p>:OUTPUT ACCEPT [37846:10291259]<\/p>\n\n\n\n<p>-A INPUT -s 37.1.213.195\/32 -j DROP<\/p>\n\n\n\n<p>-A INPUT -s 191.96.249.53\/32 -p tcp -m tcp &#8211;dport 443 -j DROP<\/p>\n\n\n\n<p>-A INPUT -s 191.96.249.53\/32 -p tcp -m tcp &#8211;dport 80 -j DROP<\/p>\n\n\n\n<p>-A INPUT -s 191.96.249.54\/32 -p tcp -m tcp &#8211;dport 80 -j DROP<\/p>\n\n\n\n<p>-A INPUT -s 191.96.249.54\/32 -p tcp -m tcp &#8211;dport 443 -j DROP<\/p>\n\n\n\n<p>-A INPUT -p tcp -m tcp &#8211;dport 2323 -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -m state &#8211;state RELATED,ESTABLISHED -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -p icmp -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -p tcp -m tcp &#8211;dport 20001:21000 -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -i lo -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -p tcp -m state &#8211;state NEW -m tcp &#8211;dport 22 -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -p tcp -m state &#8211;state NEW -m tcp &#8211;dport 80 -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -p tcp -m state &#8211;state NEW -m tcp &#8211;dport 443 -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -p tcp -m state &#8211;state NEW -m tcp &#8211;dport 631 -j ACCEPT<\/p>\n\n\n\n<p>-A INPUT -j REJECT &#8211;reject-with icmp-host-prohibited<\/p>\n\n\n\n<p>-A FORWARD -j REJECT &#8211;reject-with icmp-host-prohibited<\/p>\n\n\n\n<p>COMMIT<\/p>\n\n\n\n<p># Completed on Fri Sep&nbsp; 9 13:20:32 2016<\/p>\n","protected":false},"excerpt":{"rendered":"<p>How to block an IP&nbsp; by iptables (Red hat 6.2) Solution 1: Adjust the config file: Vim \/etc\/sysconfig\/iptables Solution 2: Syntax to block an IP address under Linux iptables -A INPUT -s IP-ADDRESS -j DROP Replace IP-ADDRESS with your actual IP address. For example, if you wish to block an ip address 65.55.44.100 for whatever <a class=\"read-more\" href=\"https:\/\/SUMMALAI.COM\/?p=350\">Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[5],"tags":[],"class_list":["post-350","post","type-post","status-publish","format-standard","hentry","category-linux"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/posts\/350","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=350"}],"version-history":[{"count":0,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/posts\/350\/revisions"}],"wp:attachment":[{"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=350"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=350"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}