In this post, I will show you a simple way to block an incoming IP address using the iptables firewall on CentOS 5.5. The rule is not persistent: it is removed when the iptables service is restarted or the server is rebooted.
OPTIONS = long or short options are allowed.

--append       -A   Append to chain
--delete       -D   Delete matching rule from chain
--delete       -D   Delete rule rulenum (1 = first) from chain
--insert       -I   Insert in chain as rulenum (default 1=first)
--replace      -R   Replace rule rulenum (1 = first) in chain
--list         -L   List the rules in a chain or all chains
--source       -s   [!] address[/mask] source specification
--destination  -d   [!] address[/mask] destination specification
--jump         -j   target

INPUT = Incoming Access
OUTPUT = Outgoing Access
-I = Insert
-D = Delete
-s = Source IP Address
-j = Target Action
DROP = Block action
Steps :
1. Log in to your server via SSH as root.
2. To block an IP address, type the following iptables command. It takes effect immediately.
syntax : iptables -I INPUT -s IP-ADDRESS -j DROP
[root@server ~]# iptables -I INPUT -s 192.168.2.2 -j DROP
3. To remove a blocked IP address, type the following iptables command:
syntax : iptables -D INPUT -s IP-ADDRESS -j DROP
[root@server ~]# iptables -D INPUT -s 192.168.2.2 -j DROP
4. To see which iptables rules are already loaded, type the following command:
[root@server ~]# iptables -L -n
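
The block and list steps above combined into one guarded helper, as an added example that is not part of the original post: it validates the address, refuses to block the source of the current SSH session (which would cut off the login from step 1), and skips the insert when a matching DROP rule is already listed. The function names and the script name are assumptions, and it handles a single address only, not the address/mask form.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are illustrative.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into $1..$n
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read "iptables -L INPUT -n" output on stdin; return 0 if it already holds
# a DROP rule for all protocols whose source column is exactly $1.
is_blocked() {
    awk -v ip="$1" '$1 == "DROP" && $2 == "all" && $4 == ip { found = 1 }
                    END { exit !found }'
}

# Insert the DROP rule from step 2, with the checks above applied first.
block_ip() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    # sshd sets SSH_CLIENT to "client_ip client_port server_port".
    client=${SSH_CLIENT:-}
    if [ "${client%% *}" = "$1" ]; then
        echo "refusing to block $1: this SSH session comes from it" >&2
        return 3
    fi
    if iptables -L INPUT -n | is_blocked "$1"; then
        echo "$1 is already blocked"
        return 0
    fi
    iptables -I INPUT -s "$1" -j DROP
}

# Run as: sh block-ip.sh 192.168.2.2   (script name is an assumption)
if [ $# -gt 0 ]; then
    block_ip "$1"
fi
```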