How to whitelist IP in the iptables while it is already there blocked?

postcd

Guest
Hello,

Some application is repeatedly blocking my IP in iptables (I don't know what its motive is or which one it is).

It always adds it at the start of the INPUT chain. Here is the whole INPUT chain:

Chain INPUT (policy ACCEPT)
num  target  prot  opt  source                          destination
1    DROP    all   --   my-ip-here.myprovider.tld       anywhere
2    ACCEPT  all   --   my-ip-here.myprovider.tld       anywhere
3    ACCEPT  all   --   anywhere                        anywhere
4    DROP    all   --   some-other-ip-i-want-to-block   anywhere

In this state I'm blocked. So, considering the IP is added at the beginning of the chain, which exact command can I use to add a rule that will always override that first DROP rule for my IP? Thank you in advance.
 


Rodrigo

Guest
I know this is an old post, but it may help someone else.

You can try this:
Code:
iptables -I INPUT 1 -i <Interface> --src <ipaddress> -j ACCEPT
iptables -I OUTPUT 1 -o <Interface> --dst <ipaddress> -j ACCEPT

If you are using fail2ban you can set a white
 

HostechSupport

If you read the man page of iptables, you can see the -A means ACCEPT and the -D means DELETE, and also a -L for LINE number, which allows you to delete a specific rule. Add them up, and you get something like:

iptables -A INPUT -i interface -p tcp --dport destination-port -j ACCEPT

...becomes...

iptables -D INPUT -i interface -p tcp --dport destination-port -j ACCEPT

...OR...

iptables -L INPUT --line-numbers

...which will output the INPUT rules with line numbers. Based on that, if you would like to delete the second rule:

iptables -D INPUT 2
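
Added example, not part of the thread: iptables applies the first matching rule in a chain, so in the chain from the question the DROP at rule 1 decides before the ACCEPT at rule 2 is reached. The sketch below models that first-match lookup, and an insert at position 1, over a constructed listing; the addresses and the helper names `first_match` and `insert_first` are illustrative assumptions, and only the source column is compared.

```shell
#!/bin/sh
# Constructed sample in the layout of `iptables -L INPUT -n --line-numbers`,
# mirroring the chain in the question; addresses are documentation ranges.
LISTING='Chain INPUT (policy ACCEPT)
num  target  prot opt source          destination
1    DROP    all  --  203.0.113.7     0.0.0.0/0
2    ACCEPT  all  --  203.0.113.7     0.0.0.0/0
3    ACCEPT  all  --  0.0.0.0/0       0.0.0.0/0
4    DROP    all  --  198.51.100.9    0.0.0.0/0'

# first_match LISTING ADDRESS (hypothetical helper)
# Prints "<num> <target>" for the first rule whose source is ADDRESS or a
# catch-all, or "policy <POLICY>" when no rule matches.
# Assumption: only the source column is compared (no CIDR, interface, port).
first_match() {
    printf '%s\n' "$1" | awk -v ip="$2" '
        NR == 1 { policy = $4; sub(/\)/, "", policy); next }  # chain header line
        $1 !~ /^[0-9]+$/ { next }                             # column header
        $5 == ip || $5 == "0.0.0.0/0" || $5 == "anywhere" { print $1, $2; found = 1; exit }
        END { if (!found) print "policy", policy }'
}

# insert_first LISTING TARGET ADDRESS (hypothetical helper)
# Models `iptables -I INPUT 1 --src ADDRESS -j TARGET` on the text listing:
# the new rule becomes number 1 and every existing rule shifts down by one.
insert_first() {
    printf '%s\n' "$1" | awk -v tgt="$2" -v ip="$3" '
        $1 ~ /^[0-9]+$/ {
            if (!done) { print 1, tgt, "all", "--", ip, "0.0.0.0/0"; done = 1 }
            $1 = $1 + 1
        }
        { print }
        END { if (!done) print 1, tgt, "all", "--", ip, "0.0.0.0/0" }'
}

first_match "$LISTING" 203.0.113.7                    # rule 1 DROP decides
AFTER=$(insert_first "$LISTING" ACCEPT 203.0.113.7)
first_match "$AFTER" 203.0.113.7                      # new rule 1 ACCEPT decides
# Whatever inserts the DROP at the top can do so again, which restores the block:
AGAIN=$(insert_first "$AFTER" DROP 203.0.113.7)
first_match "$AGAIN" 203.0.113.7
```

The last call shows why an ACCEPT inserted at position 1 holds only until the blocking application inserts its DROP again; a lasting fix needs the address exempted in whichever tool adds the rule.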
 