Iptables - flush 1 rule
awsolutions
2003-08-11, 19:24 PM
Hello,
I added a bunch of drop rules to iptables in a DoS attack that was happening. I blocked a customer's IP and need to remove it but keep all the other rules intact. So I don't want to flush all the chains, just the one rule.
Any ideas? Specifically exact syntax would be nice ;-)
Thanks,
Tino Didriksen
2003-08-11, 19:43 PM
Webmin has a nice interface for editing iptable rules.
awsolutions
2003-08-11, 20:06 PM
I need the command line syntax ;-)
Thanks,
Noogin
2003-08-12, 18:58 PM
iptables -X <chain>
awsolutions
2003-08-13, 08:58 AM
Hey,
<Chain> means exactly what? Would it be like:
iptables -X -A insert -s xxx.xxx.xxx.xxx -j drop
Thanks....I just wound up flushing all the rules but would like to know for the future!
knightfoo
2003-08-13, 14:13 PM
The -X switch will drop a whole chain, and only if it is empty .. I don't think this is what you want. The syntax to drop a single rule is:
iptables -D <chain> <rule #>
You can obtain the rule number by counting (hah!) or the following command:
iptables -L <chain> -n --line-numbers
The other way to do it is to use the same command that you used to add the rule, but replace the -I or -A with -D. For example, if you added a rule like this:
iptables -A INPUT -p icmp -j DROP
you can delete it like this:
iptables -D INPUT -p icmp -j DROP
The rule would have to match exactly for this method to work.
-knightfoo
http://www.onlamp.com/linux/cmd/i/iptables.html is a good synopsis of all iptables commands, which can also be accessed by "iptables -h".
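Added example (not part of the original thread): knightfoo's second method, swapping -A for -D, applied to every rule that names one source address. It assumes rule listings in the format printed by `iptables -S`; the function names and the sample rules are constructed for illustration, and the delete commands are printed for review rather than run.

```shell
# Read rule specs in `iptables -S` format on stdin and print the
# `iptables -D` command for each rule whose source is exactly the given IP.
delete_cmds_for_ip() {
    ip="$1"
    awk -v ip="$ip" '
        $1 == "-A" {
            hit = 0
            for (i = 2; i < NF; i++) {
                # Exact match on the source field (bare address or /32 form),
                # so 203.0.113.7 does not also match 203.0.113.70.
                # A negated source ("! -s addr") is not a block of addr: skip it.
                if (($i == "-s" || $i == "--source") && $(i-1) != "!" &&
                    ($(i+1) == ip || $(i+1) == (ip "/32")))
                    hit = 1
            }
            # Same rule spec, with the append switch replaced by delete.
            if (hit) { $1 = "-D"; print "iptables " $0 }
        }'
}

# Constructed sample of `iptables -S` output (documentation addresses only).
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -s 203.0.113.7/32 -j DROP
-A INPUT -s 203.0.113.70/32 -j DROP
-A INPUT -s 198.51.100.23/32 -p tcp -m tcp --dport 80 -j DROP
-A INPUT -p icmp -j DROP
-A FORWARD -s 203.0.113.7/32 -j DROP
EOF
}

# On a live host the input would be: iptables -S | delete_cmds_for_ip <address>
sample_rules | delete_cmds_for_ip 203.0.113.7
```

Deleting by specification avoids the renumbering that happens after each `iptables -D <chain> <rule #>`, where every later rule in the chain moves up by one.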
msalo
2003-12-10, 00:19 AM
Does iptables come preinstalled on the Red Hat 9 power servers? I am at a shell prompt and when I try iptables commands it tells me command not found?
I just got this server today (my first SB linux server) and I am trying to lock this thing down before it gets hacked or something. I am only using it for serving websites, so I only need 80, 443, 21, ssh, and 8443 open.
any thoughts?
thanks
-matt
Originally posted by msalo
Does iptables come preinstalled on the Red Hat 9 power servers? I am at a shell prompt and when I try iptables commands it tells me command not found?
I just got this server today (my first SB linux server) and I am trying to lock this thing down before it gets hacked or something. I am only using it for serving websites, so I only need 80, 443, 21, ssh, and 8443 open.
any thoughts?
thanks
-matt
All Red Hat servers have iptables. When you get a "command not found", it's either because you're not root or you didn't add the "-" when you su'ed to root. :)
msalo
2003-12-10, 13:42 PM
doh!! you were right, I forgot the "-" on the su. Thanks!
cool. Now that I can use iptables, I have to figure out how to configure it without locking myself out in the process! hehehe..
Thanks QT!
Originally posted by msalo
doh!! you were right, I forgot the "-" on the su. Thanks!
cool. Now that I can use iptables, I have to figure out how to configure it without locking myself out in the process! hehehe..
Thanks QT!
You're welcome! Good luck with your configuring. :)