How do I drop the entire INPUT chain from iptables?

0

On Linux, I've been building a malicious IP list. I assume the DDOS is now gone. How do I drop the entire INPUT chain from iptables, without affecting the FORWARD or OUTPUT chains?

Volomike

Posted 2013-05-17T12:37:48.937

Reputation: 691

Answers

1

iptables -F optionally takes the chain to flush.

iptables -F INPUT

But you should consider making a separate chain in case you ever legitimately need filtering in INPUT.

Ignacio Vazquez-Abrams

Posted 2013-05-17T12:37:48.937

Reputation: 100 516

I tried iptables -F INPUT on a RackSpace cloud node and it froze the server. I had to reboot. Not recommended. I need to find a way to not affect their rules -- only mine. – Volomike – 2013-05-17T13:00:54.727

That's why you use a separate chain for this. – Ignacio Vazquez-Abrams – 2013-05-17T13:01:22.760

Can you show me how to add a separate INPUT chain so that I can flush just that chain later on? – Volomike – 2013-05-17T13:16:30.327

@Volomike: -N will create a new chain. Simply add a rule at/near the end of INPUT that jumps to this chain. – Ignacio Vazquez-Abrams – 2013-05-17T13:25:27.100

You could also manually edit the config file, /etc/sysconfig/iptables I believe, and then restart the service. Just don't mess up syntax-wise, especially if you're connecting remotely. – hwshadow – 2013-05-18T08:21:58.447
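
The separate-chain approach from the answer and comments above, written out as an added example (not code from any of the posters). The chain name BLOCKLIST, the script name blocklist.sh and the address 203.0.113.7 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: keep your own blocklist in a dedicated chain so it can be
# emptied without touching the rules the provider placed in INPUT.
# BLOCKLIST is an assumed chain name; IPT may be overridden (e.g. a full path).
IPT="${IPT:-iptables}"
CHAIN="${CHAIN:-BLOCKLIST}"

# Create the chain if it does not exist and hook it into INPUT exactly once.
blocklist_init() {
    $IPT -N "$CHAIN" 2>/dev/null || true   # -N fails when the chain exists
    # -C tests for the jump rule; append it only when it is missing.
    # -A puts it at the end of INPUT. Use -I INPUT <n> instead if an
    # earlier rule would accept the traffic before it reaches the jump.
    $IPT -C INPUT -j "$CHAIN" 2>/dev/null || $IPT -A INPUT -j "$CHAIN"
}

# Drop traffic from one IPv4 address or CIDR block.
blocklist_add() {
    case "$1" in
        ''|*[!0-9./]*) echo "skipping invalid entry: $1" >&2; return 1 ;;
    esac
    $IPT -A "$CHAIN" -s "$1" -j DROP
}

# Empty only the blocklist. INPUT, FORWARD, OUTPUT and their policies are
# untouched. (Flushing INPUT itself leaves its policy in place, so with a
# DROP policy the ACCEPT rules that allow SSH disappear.)
blocklist_flush() {
    $IPT -F "$CHAIN"
}

# Remove the chain entirely: unhook it, empty it, then delete it.
blocklist_remove() {
    $IPT -D INPUT -j "$CHAIN"
    $IPT -F "$CHAIN"
    $IPT -X "$CHAIN"
}

# Command-line entry point, e.g.:  sh blocklist.sh add 203.0.113.7
case "${1:-}" in
    init)   blocklist_init ;;
    add)    blocklist_add "${2:-}" ;;
    flush)  blocklist_flush ;;
    remove) blocklist_remove ;;
esac
```

Run init once as root, add entries as needed, and use flush when the list is no longer wanted; iptables -S INPUT and iptables -S BLOCKLIST show the result.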