How to block IP address in Linux – Using IPTables Rule

Using iptables rules, we can block a single IP address or a block of IP addresses.

The following command (via ssh) will drop any packet coming from the IP address 1.2.3.4:

# iptables -I INPUT -s 1.2.3.4 -j DROP

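Or you can append the rule with -A. Rules are checked in order and the first match wins: -I inserts the rule at the top of the INPUT chain, while -A adds it at the end, where an earlier ACCEPT rule matching the same traffic would take effect first: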

# iptables -A INPUT -s 1.2.3.4 -j DROP

How To Block a Subnet (ip.add.re.ss/subnet):

If your machine's public network interface is named eth1 and you'd like to block the subnet 10.0.0.0/8, use the following syntax:

# iptables -A INPUT -i eth1 -s 10.0.0.0/8 -j DROP
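
Added example, not part of the original page: a helper that wraps the single-address and subnet blocks above so they are safe to re-run from an SSH session. It validates the address or CIDR, refuses a source that covers the current SSH client (read from SSH_CLIENT, which OpenSSH sets), and checks with iptables -C first, which needs an iptables build that supports -C. The function names and the IPT variable are this example's own.

```shell
#!/bin/sh
# Added example, not from the original page. IPT is this example's own knob:
# point it at a wrapper or a test stub instead of the real iptables binary.
IPT="${IPT:-iptables}"

# Succeed if $1 is a dotted-quad IPv4 address with an optional /0-32 prefix.
is_ipv4_cidr() {
    addr=${1%/*}
    case $1 in */*) prefix=${1#*/} ;; *) prefix=32 ;; esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in *[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the 32-bit integer value of a validated dotted-quad address.
ip_to_int() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed if address $2 falls inside $1 (a CIDR block or a single address).
cidr_contains() {
    case $1 in */*) bits=${1#*/} ;; *) bits=32 ;; esac
    mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
    [ $(( $(ip_to_int "${1%/*}") & $mask )) -eq $(( $(ip_to_int "$2") & $mask )) ]
}

# Insert a DROP rule for source $1 unless it is invalid (2) or would cut off
# the SSH session this shell runs in (3). Returns 0 if the rule is in place.
block_source() {
    is_ipv4_cidr "$1" || { echo "invalid source: $1" >&2; return 2; }
    client=${SSH_CLIENT%% *}    # sshd sets "client_ip client_port server_port"
    if is_ipv4_cidr "$client" && cidr_contains "$1" "$client"; then
        echo "refusing: $1 covers this SSH session ($client)" >&2; return 3
    fi
    # -C exits 0 when an identical rule exists, so re-runs add no duplicates.
    $IPT -C INPUT -s "$1" -j DROP 2>/dev/null && return 0
    # -I places the rule first, ahead of any earlier rule that would accept it.
    $IPT -I INPUT -s "$1" -j DROP
}

if [ $# -gt 0 ]; then block_source "$1"; fi
```

Run it as root with the source to block as the only argument, for example 1.2.3.4 or 10.0.0.0/8.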

How to View Blocked IP Address(es):

Simply use the following command:

# iptables -L -v

How to Save Blocked IP Address(es) in IPTables:

# service iptables save

How to disable IPtables Firewall in Linux (Red hat/CentOS/Fedora Core)

Disable / Turn off Linux Firewall (Red hat/CentOS/Fedora Core)

Type the following two commands to save the iptables rules first and then stop the firewall (you must be logged in as the root user):

# /etc/init.d/iptables save
# /etc/init.d/iptables stop

Turn off firewall on boot:

# chkconfig iptables off

Enable / Turn on Linux Firewall (Red hat/CentOS/Fedora Core)

Type the following command to turn on iptables firewall:

# /etc/init.d/iptables start

Turn on firewall on boot:

# chkconfig iptables on