IPtables – How to block and unblock IP Addresses in Linux

By Dillon Smart · · · 0 Comments

Linux IPtables manual

Not long ago, I noticed some strange activity on a server I manage. The server, running Ubuntu 22.04, was receiving high volumes of traffic from a single IP Address. After some investigation, I decided the activity resembled that of web scrapping, so I decided to block the IP Address.

Iptables or ufw I hear you ask. In this case, I chose to use iptables.

Difference between IPtables and UFW

It’s important to understand the differences between IPtables and the Firewall.

Both IPTables and UFW are Linux system firewalls. The difference between them is UFW is build upon IPtables, where UFW (Uncomplicated Firewall) is simply a frontend to IPTables.

Block an IP Address using IPtables

In IPtables, each entry is called a rule. It’s good practice to list the rules already in IPtables before adding new rules. This way, you will be aware of any exisiting rules within IPtables.

To run iptable commands, you will need sudo access on the system.

IPtable list rules

To list the contents of IPTables, rrom the terminal, run the following command:

sudo iptables -L -v

Add a new rule to IPtables

To add a new rule to IPtables, in this case to block all packets recieved from a specific IP Address, run the the following command:

sudo iptables -A INPUT -s {the-ip-address} -j DROP

Let’s break this command down a little to understand the flags used.

  • -A Input appends/adds a rule to the input chain
  • -s followed by an IP Address specifies the source address of packets
  • -j DROP instructs IPtables to drop all packets received from the specified IP Address

Unblock an IP Address in IPtables

Now you know how to add rules to IPtables, it’s important to know how to remove rules.

To remove a rule from IPtables, run the following command: 

sudo iptables -D INPUT {chain-number}

Saving rules using iptables-persistent

IPtable rules are ephemeral, meaning if your system is restarted, any rules added will be lost.

If you want rules added to be saved, even after a system restart, you can install the iptables-persistent package.

sudo apt-get install iptables-persistent

During the installation process, you will be prompted to choose if you would like to save the rules currently in iptables.

If you add rules later on, and want to save them, you can run: 

sudo netfilter-persistent save

Learn more about IPtables and or use the man page in Linux how powerful the utility can be.

IPtables man page

To learn more IPtables directly from the terminal, you can use the man page to list all available flags and arguments with descriptions.

man iptables

LinuxUbuntu

0 Comment

Was this helpful? Leave a comment!

This site uses Akismet to reduce spam. Learn how your comment data is processed.

How to generate an SSH key and add to authorized_keys

Updated 16th August 2022

In this article we explain how to generate a SSH key for your local machine and add your public key to the authorized_keys on a remote server. Generate an SSH key for Windows, MAC and Linux Note: If you are using Windows, we recommend you use a SSH client like PuTTY. For MAC/Linux run: ssh-keygen

WSL vs Dual Boot speed test

Updated 16th August 2022

In this experiment, I will be using WSL2 running Ubuntu 20.04 and Ubuntu 20.04 dual-booted on the same Dell XPS. Is there a noticeable difference? Follow along for the results of the WSL vs Dual Boot speed test. If you are like me and use different development environments a lot, you may find the results

Start WSL2 services on Windows startup

Updated 16th August 2022

In some circumstances, you may want to automatically start your WSL2 (Windows Subsystem for Linux) services on Windows startup such as Apache2, Nginx, and MySQL. Follow along below to learn how to start your services when you boot your machine. Create a startup script The first step is to create a startup script. This is