Friday, October 12, 2012

Iptables rule delete

Sometimes you cannot remove a rule with the csf commands, because csf added the block for a whole address range (a CIDR block) rather than for a single IP.

root@ajeesh [~]# csf -g 172.16.9.55

Chain       num pkts bytes target prot opt in out source    destination
LOCALOUTPUT 9   183  11076 DROP   all  --  *  !lo 0.0.0.0/0 172.16.0.0/16
LOCALINPUT  9   183  11076 DROP   all  --  *  !lo 0.0.0.0/0 172.16.0.0/16

In a case like this you cannot remove that particular IP from the server firewall with the commands

csf -tr IP and csf -dr IP

because the rule that matches it covers the whole 172.16.0.0/16 range, not the single address.

You can delete the rules with the iptables command instead.

First you need to know the rule number of the block in each chain. In my output above you can see that the rule number is 9.
 
root@ajeesh [~]# iptables -L LOCALINPUT -n -v --line-numbers | grep 172.16.0.0/16

This command also gives you the rule number, together with the rest of the line for that block.

To delete this rule:
root@ajeesh [~]# iptables -D LOCALINPUT 9
root@ajeesh [~]# iptables -D LOCALOUTPUT 9
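The two steps above (list the chain with --line-numbers, then delete by number) can be scripted. The following is an added example, not code from the original post: it parses a listing in the format of iptables -L CHAIN -n -v --line-numbers, extracts the rule numbers whose source or destination equals the CIDR you are looking for, and prints the matching iptables -D commands. The listing here is a constructed sample, and the function names rule_numbers and delete_commands are my own; nothing is deleted unless you pipe the printed commands into a shell.

```shell
#!/bin/sh
# Added example (not from the original post).
# Find the rule numbers that block a CIDR in a csf chain and build the
# matching "iptables -D" commands from a saved listing.

# Constructed sample listing, in the format printed by
#   iptables -L LOCALINPUT -n -v --line-numbers
SAMPLE_LISTING='Chain LOCALINPUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1       12   720 ACCEPT     all  --  !lo    *       0.0.0.0/0            0.0.0.0/0
9      183 11076 DROP       all  --  !lo    *       0.0.0.0/0            172.16.0.0/16
10      40  2400 DROP       all  --  !lo    *       0.0.0.0/0            10.0.0.0/8'

# Constructed listing where the same CIDR appears twice (e.g. added twice).
SAMPLE_TWICE='Chain LOCALINPUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination
3       12   720 DROP       all  --  !lo    *       0.0.0.0/0            172.16.0.0/16
7      183 11076 DROP       all  --  !lo    *       0.0.0.0/0            10.0.0.0/8
12      40  2400 DROP       all  --  !lo    *       0.0.0.0/0            172.16.0.0/16'

# rule_numbers <cidr>
# Reads a listing on stdin and prints the "num" column of every rule whose
# source ($9) or destination ($10) column is exactly <cidr>. Header lines
# ("Chain ...", "num ...") are skipped because their first field is not numeric.
rule_numbers() {
    awk -v cidr="$1" '$1 ~ /^[0-9]+$/ && ($9 == cidr || $10 == cidr) { print $1 }'
}

# delete_commands <chain> <cidr>
# Reads a listing on stdin and prints one "iptables -D <chain> <num>" line per
# matching rule, highest number first: deleting a rule renumbers everything
# after it, so deleting from the bottom up keeps the remaining numbers valid.
delete_commands() {
    chain="$1"
    cidr="$2"
    rule_numbers "$cidr" | sort -rn | while read -r n; do
        printf 'iptables -D %s %s\n' "$chain" "$n"
    done
}

# Stand-alone demonstration on the constructed samples.
printf '%s\n' "$SAMPLE_LISTING" | delete_commands LOCALINPUT 172.16.0.0/16
printf '%s\n' "$SAMPLE_TWICE"   | delete_commands LOCALINPUT 172.16.0.0/16
```

On a live system you would feed the real listing in, for example iptables -L LOCALINPUT -n -v --line-numbers | delete_commands LOCALINPUT 172.16.0.0/16, review the printed commands, and only then run them; repeat for LOCALOUTPUT. Rule numbers are positions in the chain at the moment you listed it, so always list again before deleting in a chain you have already changed, and check with csf -g afterwards that the block is really gone.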
