9

I'm trying to remove a blocked IP from our server.

405 35964 DROP       all  --  !lo    *       IP ADDRESS           0.0.0.0/0 
 19   988 DROP       all  --  *      !lo     0.0.0.0/0            24.7.56.95 


root@host01 [~]# iptables -D INPUT 35964
iptables: Index of deletion too big
root@host01 [~]# iptables -D INPUT 405
iptables: Index of deletion too big

root@host01 [~]# iptables -D INPUT -s IPADDRESS -j ACCEPT
iptables: Bad rule (does a matching rule exist in that chain?)

What gives?! Google is of no help since I keep finding the same lines that give me the same error.

3 Answers

20

Run iptables-save|grep 24.7.56.95 to get the exact rule command used to enable the block. It will be something like:

-A INPUT ! -i lo -s 24.7.56.95 -j DROP

Take this command, replace the -A with -D and run it through iptables:

iptables -D INPUT ! -i lo -s 24.7.56.95 -j DROP

Et voilà!
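The -A to -D substitution described in the answer above, as an added example that is not part of the original answer. It reads iptables-save output, tracks which table each rule belongs to, and matches the address as a whole -s/-d value, so 124.7.56.95 is not caught the way a plain grep would catch it. The function names and the sample ruleset are constructed for illustration; the commands are printed for review, not executed.

```shell
#!/bin/sh
# Added example: derive delete commands from iptables-save output.
# delete_cmds_for_ip and sample_save are hypothetical helper names.

# delete_cmds_for_ip IP: reads iptables-save text on stdin and prints one
# "iptables -t TABLE -D ..." line per rule whose -s/-d address is exactly IP.
delete_cmds_for_ip() {
    awk -v ip="$1" '
        /^\*/ { table = substr($0, 2); next }   # "*filter" opens a table section
        $1 == "-A" {
            hit = 0
            for (i = 2; i < NF; i++) {
                if ($i == "-s" || $i == "-d") {
                    addr = $(i + 1)
                    sub(/\/32$/, "", addr)       # host rules are saved as IP/32
                    if (addr == ip) hit = 1
                }
            }
            if (hit) {
                sub(/^-A /, "-D ")               # same rule spec, delete instead of append
                print "iptables -t " table " " $0
            }
        }
    '
}

# Constructed sample of iptables-save output (not taken from the question).
sample_save() {
    cat <<'EOF'
# Generated by iptables-save (constructed sample)
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -s 24.7.56.95/32 -j DROP
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 24.7.56.95/32 ! -i lo -j DROP
-A INPUT -s 124.7.56.95/32 -j DROP
-A OUTPUT -d 24.7.56.95/32 ! -o lo -j DROP
COMMIT
EOF
}

sample_save | delete_cmds_for_ip 24.7.56.95
```

On a live host, replace sample_save with iptables-save (as root) and review the printed lines before running any of them.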

0
4

Use iptables -D INPUT 1 to delete the first rule in the list, or iptables -F INPUT to delete all rules.


405 and 35964 are the packet and byte counts, respectively. Just like the header says.

$ sudo iptables -v -L
Chain INPUT (policy ACCEPT 1 packets, 155 bytes)
 pkts bytes target     prot opt in     out     source               destination

Use iptables -L --line-numbers to see the actual rule numbers.

1

Check if there is any block for the IP address in csf.

grep /etc/csf

If found, remove that csf rule.

csf -dr

It will automatically remove the iptables rule as well.

You can check the status of the IP using the command csf -g

If there are no rules in iptables, the result will be as follows:

Chain num pkts bytes target prot opt in out source destination
No matches found for in iptables

You can also check the same in iptables.

iptables -nL | grep
