Tag Archives: iptables

More ways to unban an IP from iptables

Since my iptables keeps growing, listing the whole table can take more than a few minutes these days. I dug around and found a couple of options that will do the job faster:

iptables -D chainname -s theipaddress -j DROP

Alternatively, you can list:
iptables -L -v --line-numbers

Then delete:
iptables -D chainname linenumber_of_IP_to_delete

This will make cleaning up the Fail2Ban tables a lot easier, especially if one of your users decides to ban himself and you have to sift through a ton of numbers to find his IP.

Unban me!

If you’ve been unfortunate enough to lock yourself out of SSH by banning yourself from your own server via Fail2Ban, here’s how to unban yourself:


iptables -L
Look at the chain fail2ban-ssh.
Note the IP address to unban and count which line number it is on.
e.g.:
Chain fail2ban-ssh (1 references)
target prot opt source destination
DROP 0 -- 61.236.117.xxx anywhere
DROP 0 -- 61.236.117.yyy anywhere
RETURN 0 -- anywhere anywhere
Execute iptables -D fail2ban-ssh with that line number.
For example, if you want to unban user 61.236.117.yyy, use:
iptables -D fail2ban-ssh 2
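
An added example, not from the original posts: a small shell helper that finds the rule numbers for one IP in a chain listing and prints the matching delete commands, highest number first because each delete renumbers the rules below it. It assumes the column layout of iptables -L chainname -n --line-numbers (no -v, which adds columns; -n skips the reverse-DNS lookup per address); the function names, the sample listing and the 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original posts): locate one IP's rules in a
# chain listing and emit the delete commands, without scrolling the table.

# Constructed sample of `iptables -L fail2ban-ssh -n --line-numbers` output.
# Addresses are from the documentation range 192.0.2.0/24.
SAMPLE_LISTING='Chain fail2ban-ssh (1 references)
num  target     prot opt source               destination
1    DROP       all  --  192.0.2.10           0.0.0.0/0
2    DROP       all  --  192.0.2.1            0.0.0.0/0
3    DROP       all  --  192.0.2.10           0.0.0.0/0
4    RETURN     all  --  0.0.0.0/0            0.0.0.0/0'

# Reads a listing on stdin and prints the numbers of DROP rules whose source
# is exactly $1, highest first. Comparing the source field (rather than
# grepping the line) keeps 192.0.2.1 from also matching 192.0.2.10.
rule_numbers_for_ip() {
    awk -v ip="$1" '$1 ~ /^[0-9]+$/ && $2 == "DROP" && $5 == ip { print $1 }' |
        sort -rn
}

# Reads a listing on stdin and prints one `iptables -D` command per match.
# Highest number first: every delete renumbers the rules below it, so
# working upward from the bottom keeps the remaining numbers valid.
plan_unban() {
    chain="$1"
    ip="$2"
    rule_numbers_for_ip "$ip" | while read -r num; do
        echo "iptables -D $chain $num"
    done
}

# Live use (as root); review the printed plan before running it:
#   iptables -L fail2ban-ssh -n --line-numbers | plan_unban fail2ban-ssh 192.0.2.10
```

The helper only prints commands; nothing is deleted until the printed lines are run.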

The Ban-mobile

I’ve been using a lot of this lately:

iptables -A INPUT -s IP-ADDRESS -j DROP
service iptables save

I’ve noticed that pop3 attempts aren’t being filtered by Fail2Ban; I’ve seen an increase in dictionary attacks on this port and have had to resort to manually banning the offenders. I’ve also installed a LogViewer in WHM to assist in the fight.