Iptables: Unblock / Delete an IP Address Listed in IPtables Tables

Posted on in Categories , , , , , , , , last updated February 15, 2011

I am a brand new user of a Linux iptables and I can’t find how to instruct my iptables to delete or unblock an IP address listed in iptables firewall. I’m using Debian Linux version. Can you help please?

Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. You can delete one or more rules from the selected chain. There are two versions of this command: the rule can be specified as a number in the chain (starting at 1 for the first rule) or a rule to match.

List existing chains

Type the following command to list current IPs in tables:
iptables -L -n
iptables -L -n -v
iptables -L chain-name -n -v
iptables -L spamips -n -v

List existing chains with line number

To display line number along with other information, enter:
iptables -L INPUT -n --line-numbers
iptables -L OUTPUT -n --line-numbers
iptables -L OUTPUT -n --line-numbers | less
iptables -L spamips -n -v --line-numbers
iptables -L spamips -n -v --line-numbers | grep

Chain droplist (3 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 LOG        0    --  *      *           LOG flags 0 level 4 prefix `LASSO DROP Block' 
2        0     0 DROP       0    --  *      *           
3        0     0 LOG        0    --  *      *           LOG flags 0 level 4 prefix `LASSO DROP Block' 
4        0     0 DROP       0    --  *      *           
5        0     0 LOG        0    --  *      *           LOG flags 0 level 4 prefix `LASSO DROP Block' 
6        0     0 DROP       0    --  *      *           
7        0     0 LOG        0    --  *      *           LOG flags 0 level 4 prefix `LASSO DROP Block' 
8        0     0 DROP       0    --  *      *           
9      342 23317 LOG        0    --  *      *           LOG flags 0 level 4 prefix `LASSO DROP Block' 
10     342 23317 DROP       0    --  *      *           
11       0     0 LOG        0    --  *      *           LOG flags 0 level 4 prefix `LASSO DR

You will get the list of all blocked IP. Look at the number on the left, then use number to delete it. For example delete line number 10 (subner, enter:
iptables -D INPUT 10
You can also use the following syntax to delete / unblock an IP use the following syntax:
iptables -D INPUT -s xx.xxx.xx.xx -j DROP
iptables -D INPUT -s xx.xxx.xx.xx/yy -j DROP
iptables -D spamlist -s -d 0/0 -j DROP
iptables -D spamlist -s -d 0/0 -j DROP

Finally, make sure you save the firewall. Under CentOS / Fedora / RHEL / Redhat Linux type the following command:
# service iptables save
On a related note I recommend getting a good Linux command line and netfilter Firewall (iptables) book to understand all technical mumbo jumbo.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

5 comment

  1. I didn’t know about the `–line-numbers` parameter, I used to count the lines manually :-|
    Thanks :)

  2. Thanks for the tips. I had to change it a little bit for my router. I did ‘iptables -L -n –line-numbers’ then looked at the top above the numbers and it said ‘Chain FORWARD’ (this can vary). So then I did ‘iptables -D FORWARD 1’.

  3. whenever i ping http://www.aims.ph it looks like this…PLEASE HELP

    i cannot view my domain name.. .but icant view using ip address and 159 ms
    64 bytes from hit-servfail.opendns.com ( icmp_seq=21 ttl=57 time=158 ms
    64 bytes from hit-servfail.opendns.com ( icmp_seq=22 ttl=57 time=158 ms
    64 bytes from hit-servfail.opendns.com ( icmp_seq=23 ttl=57 time=159 ms
    find this error

    1. Maybe your IPTABLES is blocking DNS resolver (and cannot resolve names)… Try to unblocking DNS ports: 53 (udp/tcp) [main] AND 1023 (tcp)

  4. Read log and block any user calling a db.php file

    for i in $(cat access_log | grep db.php | awk '{print $1}' | sort -u); do iptables -I INPUT -s $i -j DROP; done

Comments are closed.