Today we will learn how to block and unblock IP addresses in Linux. Want to block an abusive IP on your Linux server or is the server experiencing abuse attacks from a specific IP? Today, we will show you how we can block a specific IP address and block IPs on a specific port.
This guide will work on almost all Linux distributions with iptables. iptables is a user-space utility program that allows a system administrator to configure the Linux kernel firewall (implemented as various netfilter modules) and the tables[2] provided by the chains and rules it stores. Different kernel modules and programs are currently used for different protocols; iptables IPv4, ip6tables IPv6, arptables ARP, and ebtables apply to Ethernet frames.
Managing iptables requires elevated privileges and must be executed by the root user, otherwise, it fails to work. On most Linux systems, iptables is installed as /usr/sbin/iptables and documented in its man pages, which can be opened using man iptables during installation. It can also be found in /sbin/iptables, but since iptables is more like a service rather than a “required binary”, the preferred location remains /usr/sbin.
Requirements For block and unblock IP address in Linux
Root access on Linux systems
Procedure
– Log in to the server as the root user.
– Follow the syntax below for different iptables rules.
Note: Replace IP-ADDRESS-HERE with a port with the specified IP address and port number.
Add iptables rules to block IP addresses
iptables -A INPUT -s IP-ADDRESS-HERE -j DROP
-Add iptables rules to block IP address access to a specific port
iptables -A INPUT -s IP-ADDRESS-HERE -p tcp --destination-port port_number -j DROP
-After adding/removing any of the above rules we need to save the iptables rules with the following command.
iptables-save
With these few commands, we complete the iptables block and unblock rules.
Check/verify if a specific IP is blocked using iptables.
iptables -L INPUT -v -n | grep "IP-ADDRESS-HERE"
For testing, we will block the google.com IP.
Remove block rule and check ping google.com
