IPtables – How to block and unblock IP Addresses in Linux

By Dillon Smart

Not long ago, I noticed some strange activity on a server I manage. The server, running Ubuntu 22.04, was receiving high volumes of traffic from a single IP Address. After some investigation, I decided the activity resembled that of web scraping, so I decided to block the IP Address.

Iptables or ufw, I hear you ask? In this case, I chose to use iptables.

Difference between IPtables and UFW

It’s important to understand the differences between IPtables and UFW.

Both IPtables and UFW are Linux system firewalls. The difference between them is that UFW is built upon IPtables: UFW (Uncomplicated Firewall) is simply a frontend to IPtables.

Block an IP Address using IPtables

In IPtables, each entry is called a rule. It’s good practice to list the rules already in IPtables before adding new rules. This way, you will be aware of any existing rules within IPtables.

To run iptables commands, you will need sudo access on the system.

List IPtables rules

To list the contents of IPtables, from the terminal, run the following command:

sudo iptables -L -v

Add a new rule to IPtables

To add a new rule to IPtables, in this case to block all packets received from a specific IP Address, run the following command:

sudo iptables -A INPUT -s {the-ip-address} -j DROP 

Let’s break this command down a little to understand the flags used.

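  • -A INPUT appends the rule to the end of the INPUT chain; rules are evaluated from top to bottom, so an earlier rule that accepts the packet takes precedence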
  • -s followed by an IP Address specifies the source address of packets
  • -j DROP instructs IPtables to drop all packets received from the specified IP Address

Unblock an IP Address in IPtables

Now you know how to add rules to IPtables, it’s important to know how to remove rules.

To remove a rule from IPtables, run the following command, where {chain-number} is the number of the rule within the INPUT chain:

sudo iptables -D INPUT {chain-number}
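
The delete command needs the rule's position in the INPUT chain, which iptables prints when the listing is run with --line-numbers. The following is an added example, not part of the original post: it reads such a listing and returns the rule numbers that drop a given source address. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: look up the rule number that `iptables -D INPUT <n>` expects.

# Constructed sample of `sudo iptables -L INPUT -n --line-numbers` output.
# The addresses come from the RFC 5737 documentation ranges.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
2    DROP       all  --  203.0.113.7          0.0.0.0/0
3    DROP       all  --  203.0.113.70         0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
5    DROP       all  --  203.0.113.7          0.0.0.0/0
EOF
}

# Succeeds only for a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i + 0 > 255) exit 1 }'
}

# Reads a listing on stdin and prints the numbers of the DROP rules whose
# source is exactly $1, highest first. The source column is compared as a
# whole field, so 203.0.113.7 does not also match 203.0.113.70.
drop_rule_numbers() {
    awk -v ip="$1" '$1 ~ /^[0-9]+$/ && $2 == "DROP" && $5 == ip { print $1 }' |
        sort -rn
}

# Hypothetical helper: delete every DROP rule for one address (needs root).
# Deleting highest-first matters because removing rule 2 renumbers all the
# rules after it, which would make a previously listed "5" point elsewhere.
unblock_ip() {
    is_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 2; }
    for n in $(iptables -L INPUT -n --line-numbers | drop_rule_numbers "$1"); do
        iptables -D INPUT "$n"
    done
}

# Offline demonstration against the constructed listing: prints 5, then 2.
sample_listing | drop_rule_numbers 203.0.113.7
```

iptables also accepts the original rule specification with -D in place of -A (sudo iptables -D INPUT -s {the-ip-address} -j DROP), which removes the first matching rule without a number lookup.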

Saving rules using iptables-persistent

IPtables rules are ephemeral, meaning if your system is restarted, any rules added will be lost.

If you want rules added to be saved, even after a system restart, you can install the iptables-persistent package.

sudo apt-get install iptables-persistent 

During the installation process, you will be prompted to choose if you would like to save the rules currently in iptables.

If you add rules later on, and want to save them, you can run:

sudo netfilter-persistent save 

Learn more about IPtables, or use the man page in Linux, to see how powerful the utility can be.

IPtables man page

To learn more about IPtables directly from the terminal, you can use the man page to list all available flags and arguments with descriptions.

man iptables
