How to Drop or Block Incoming Access From Specific IP Address Using Iptables

Share this Article :

In this post, i will show you the simple way to block incoming ip address using iptables firewall on CentOS 5.5. This setting will be removed once you restarted the iptables or rebooted the server.

OPTIONS = long or short options are allowed.

    --append  -A Append to chain
    --delete  -D Delete matching rule from chain
    --delete  -D Delete rule rulenum (1 = first) from chain	
    --insert  -I Insert in chain as rulenum (default 1=first)
    --replace -R Replace rule rulenum (1 = first) in chain
    --list    -L List the rules in a chain or all chains
    
    --source      -s [!] address[/mask] source specification
    --destination -d [!] address[/mask] destination specification                         
    --jump        -j target
    
    INPUT = Incoming Access
    OUTPUT = Outgoing Access
    -I = Insert
    -D = Delete
    -s = Source Ip Address
    -j = Target Action
    DROP = Block action
    

Steps :
1. Login to your server via SSH as a root
2. To successfully block an IP address, just type this iptables syntax and it will take effect immediately.

Also Read :   How to Configure Iptables Firewall for 389 Directory Server on CentOS 6.2

syntax : iptables -I INPUT -s IP-ADDRESS -j DROP

    [[email protected] ~]# iptables -I INPUT -s 192.168.2.2 -j DROP
    

3. To removed blocked IP address, just type this iptables syntax as below:

syntax : iptables -D INPUT -s IP-ADDRESS -j DROP

    [[email protected] ~]# iptables -D INPUT -s 192.168.2.2 -j DROP
    

4. If you want to look at what’s iptables rules already loaded, type below syntax :

    [[email protected] ~]# iptables -L -n
    


Leave a Reply