[r...@cthulhu ~]# iptables -L --line-numbers Chain INPUT (policy ACCEPT) num target prot opt source destination 1 DROP all -- 10.5.5.5 anywhere 2 DROP all -- 10.5.5.6 anywhere 3 DROP all -- 10.5.5.7 anywhere
Find the rule number that matches the one you want to delete. Say you want to delete #2 from the INPUT table [r...@cthulhu ~]# iptables -D INPUT 2 [r...@cthulhu ~]# iptables -L --line-numbers Chain INPUT (policy ACCEPT) num target prot opt source destination 1 DROP all -- 10.5.5.5 anywhere 2 DROP all -- 10.5.5.7 anywhere Or you can do iptables -F which will basically drop all your iptables. Make sure you've saved recently before you do that. On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <[email protected]> wrote: > Thanks Ian. > > So I issue this command on both cluster nodes and it will also > stop access to the virtual cluster address? > > What's the command to reverse / remove > " iptables -A INPUT -s 10.5.5.25 -j DROP " ? > Just in case there's a problem, I'll need to reverse. > > Tks > U > On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes <[email protected]>wrote: > >> iptables -A INPUT -s 10.5.5.25 -j DROP >> >> On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <[email protected]> wrote: >> >>> >>> Hi, >>> >>> I have a RHEL 5.1 cluster that's constantly being accessed by an >>> application from a Windows server application via sqlnet (ie Tcp >>> port 1521) which caused a specific Oracle accounts to be locked. >>> >>> The owner of the Windows box does not know why the Filenet >>> application is doing this so while she's doing the research which >>> configuration in Filenet needs to be fixed to stop this, we need an >>> interim measure to block this Windows server's access to the cluster. >>> >>> Thus I would like to set up iptables / firewall on this Linux box to >>> stop the sqlnet access. Can someone provide me some example >>> commands / syntax ? >>> >>> Source IP address : 10.5.5.25 (Windows server) >>> Tcp port : 1521 >>> My Linux boxes IP address : 10.5.5.46 / .47 >>> My Linux cluster virtual addr : 10.5.5.45 >>> >>> In fact I would like to block on all ports on the Linux cluster to stop >>> this Windows server from accessing it. So what's the exact commands >>> I should issue on each of the Linux box? Would iptables also block >>> the Windows server from accessing the cluster virtual IP addr? >>> >>> >>> Thanks >>> U >>> >>> >>> >>> >>> -- >>> Linux-cluster mailing list >>> [email protected] >>> https://www.redhat.com/mailman/listinfo/linux-cluster >>> >> >> >> -- >> Linux-cluster mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/linux-cluster >> > > > -- > Linux-cluster mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/linux-cluster >
-- Linux-cluster mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-cluster
