HOW TO BLOCK AN IP ADDRESS BY USING IPTABLES

HOW TO BLOCK AN IP ADDRESS BY USING IPTABLES

How to block incoming traffic with Iptables

After using this Kamandi adversely all incoming packets from ip address 192.168.1.111 will reset

iptables-I INPUT-s 192.168.1.111-j DROP
You can also specify the interface on which come packages for example eth0 and write kamndu so

iptables-I INPUT-i eth0-s 192.168.1.111-j DROP
If the team will add a “!” -the argument that the team will be inverted

iptables-I INPUT! -i eth0-s 192.168.1.111-j DROP
If we have many interfaces that start of eth and Hatim block incoming traffic to all these you should write interface command with the “+” argument

iptables-I INPUT-i eth +-s 192.168.1.111-j DROP
You can also use the-A argument (append) in place-I (insert)

iptables-A INPUT-s 192.168.1.111-j DROP
How to block incoming traffic on the subnet

In order to block a subnet should use the following command

iptables-i eth1-A INPUT-s 192.168.1.0/24-j DROP
How to block incoming traffic on a subnet and add them to a log file

In order to block a subnet and add the blocking of ip address in a log file to use this command

iptables-i eth0-A INPUT-s 192.168.1.0/24-j LOG-log-prefix “DROP IP SPOOF (A):”
How to see the list of blocked ip addresses

Using these commands, you can look at the list of blocked ip addresses

iptables-L-v
iptables-L INPUT v
iptables-L INPUT-v-n
The output will be

Chain INPUT (policy ACCEPT 3107 k packets, 1847M bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all-br + any 192.168.1.111 anywhere
0 0 DROP all-any 192.168.1.111 eth1 anywhere!
0 0 DROP all-any 192.168.1.111 eth1 anywhere!
How to find the ip address in the list of blocked ip addresses

To search bl├Ękliste to use this command

iptables-L INPUT-v-n | grep 192.168.1.111
How to remove blocked ip addresses from the list

To remove an ip address from the blocked it is necessary to use this command

iptables-a INPUT-s 192.168.1.111 D-j DROP