How to unblock an ip?

**groefie** · 04-13-2005 03:20 PM

Hi,

one of our trusted customers is blocked by BFD due too much failed logins. No he can't access the server anymore. How do I remove his ip from the block list? I've tried

iptables -A INPUT -s 84.107.***.* -j ACCEPT

but that doesn't work...

Thanks in advance!

Gunther.

**RickG** · 04-13-2005 03:58 PM

Gunther:

The correct syntax to remove an entry from the iptables is:

iptables -D INPUT Line#

To determine the Line#, run iptables -L and count from the top which entry you want to remove.

As an example, let's say after running the list you see:

Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 111.222.333.444 anywhere
DROP all -- 123.456.789.101 anywhere
DROP all -- 346.778.123.010 anywhere
acctboth all -- anywhere anywhere
etc.

... and you want to remove the 123.456.789.101 entry, that would be line 3, or:

iptables -D INPUT 3

**groefie** · 04-14-2005 09:35 AM

Thanks.

**rootuser** · 04-14-2005 09:49 AM

One More Doubt If I Want To Open A Particular Dynimic Port To Particular Ip Address , What Is The Command For That.i Mean Through Iptables.

Ramsy · 04-14-2005 01:26 PM

take a look in /etc/apf/conf.apf

**rootuser** · 04-15-2005 12:50 AM

Originally Posted by Ramsy

take a look in /etc/apf/conf.apf

I want to open port 2001 . In /etc/apf/conf.apf i includeds this particular port to IG and EG sections , but it is not working .So i ask. Do u know any other way .T

hanks!

**GeekPatrolMille** · 04-15-2005 07:38 AM

Be certain to reload APF rules when modifying ports

apf -r

or

apf --restart

They both do the same thing but this will allow the existing tables in APF to be flushed and the new changes to become active

-greg

**groefie** · 04-15-2005 04:08 PM

Originally Posted by RickG

Gunther:

The correct syntax to remove an entry from the iptables is:

iptables -D INPUT Line#

To determine the Line#, run iptables -L and count from the top which entry you want to remove.

As an example, let's say after running the list you see:

Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 111.222.333.444 anywhere
DROP all -- 123.456.789.101 anywhere
DROP all -- 346.778.123.010 anywhere
acctboth all -- anywhere anywhere
etc.

... and you want to remove the 123.456.789.101 entry, that would be line 3, or:

iptables -D INPUT 3

Problem: this works fine but the day after the ip is in the list again and the customer can't access the server again... Do I have to save something first?

**FWC** · 04-15-2005 05:31 PM

Originally Posted by groefie

Problem: this works fine but the day after the ip is in the list again and the customer can't access the server again... Do I have to save something first?

Put their IP in /usr/local/bfd/ignore.hosts or tell them to stop being a dumbass and generating failed logins.

**GeekPatrolMille** · 04-15-2005 05:34 PM

I was required to remove one entry before from /etc/apf/deny_hosts.rules because of a similar issue. This file is just a simple text file of all the IP and host names you wish to block. Delete the line you want to unblock. Now, if you have some tool in addition to APF which logs entries automatically into the firewall deny list, there may be other files to remove these entries from also but I could not tell you what that may be without more info.

-greg

**GeekPatrolMille** · 04-15-2005 05:38 PM

I agree with the dumbass process described by FWC... This should be applied across all user policy...

LinkBack

Thread Tools

How to unblock an ip?

Unblock cPHulk brutes

How do I unblock my ip from my dedicated server

Brute Force - how to unblock ip's ?

Somebody's IP is blocked... How do I unblock the ip address they have?

Unblock host or IP