Casbay Knowledge Base

Search our articles or browse by category below

HOW TO: Check if IP is blocked from IPtables

Last modified: December 9, 2020
Estimated reading time: 1 min

HOW TO: Check if IP is blocked from IPtables

Checking if an IP is blocked in IPTABLES

Iptables is a program that utilizes policy chains to configure the IP packet filter rules of Linux kernel firewall in order to allow or block traffic. For instance, this firewall can be installed to your Linux Dedicated or Virtual Server to secure your server workloads. Let’s say if a user attempts to SSH into your server, iptables will try to match the IP address and port to a rule in the input chain. 

Check if IP is blocked:

iptables -L -n –line | grep [IP Address]

If IP appear as DROP or REJECT, the IP in the IPTable has been blocked

Therefore, you would need to unblock the IP Address:

iptables -I INPUT -s [IP Address] -j ACCEPT

And this is how to block back an IP Address:

iptables -A INPUT -d [IP Address] -j DROP

service iptables save

===============================================================

To unblock an IP from the CSF from SSH, please follow the steps below:

Step 1 of 3

Firstly, to check if the CSF has blocked the IP, please execute the following command:

csf -g IP_address

Note: IP_address being the specific IP you wish to check.

Step 2 of 3

Secondly, if the IP is denied and you wish to remove it, please execute the following command:

csf -dr IP_address

Step 3 of 3

Lastly, to complete the process, you will need to restart CSF for the changes to take effect:

csf -r

==============================================================

Note: The ull path to IPTABLES is /sbin/iptables, but you can replace command # iptables with /sbin/iptables

Click to read-> HOW TO: Block all ports in IPtables

Also, you can visit our Knowledge Base to look for other articles.

Was this article helpful?
Dislike 0