I have banned some IPs with
iptables -A INPUT -s 78.175.212.80 -j DROP
How can I see the list of banned IPs?
Banned IP
-
- Posts: 471
- Joined: 2005-09-10 17:52
- Location: Frankfurt am Main
Re: Banned IP
man iptables
Re: Banned IP
aubergine wrote: man iptables
NAME
iptables - administration tool for IPv4 packet filtering and NAT
SYNOPSIS
iptables [-t table] -[AD] chain rule-specification [options]
iptables [-t table] -I chain [rulenum] rule-specification [options]
iptables [-t table] -R chain rulenum rule-specification [options]
iptables [-t table] -D chain rulenum [options]
iptables [-t table] -[LFZ] [chain] [options]
iptables [-t table] -N chain
iptables [-t table] -X [chain]
iptables [-t table] -P chain target [options]
iptables [-t table] -E old-chain-name new-chain-name
DESCRIPTION
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Several different tables may be defined.
Each table contains a number of built-in chains and may also contain user-defined chains.
Each chain is a list of rules which can match a set of packets. Each rule specifies what to do with a packet that matches. This is called a 'target',
which may be a jump to a user-defined chain in the same table.
TARGETS
A firewall rule specifies criteria for a packet, and a target. If the packet does not match, the next rule in the chain is the examined; if it does
match, then the next rule is specified by the value of the target, which can be the name of a user-defined chain or one of the special values ACCEPT,
DROP, QUEUE, or RETURN.
ACCEPT means to let the packet through. DROP means to drop the packet on the floor. QUEUE means to pass the packet to userspace (if supported by the
kernel). RETURN means stop traversing this chain and resume at the next rule in the previous (calling) chain. If the end of a built-in chain is
reached or a rule in a built-in chain with target RETURN is matched, the target specified by the chain policy determines the fate of the packet.
TABLES
There are currently three independent tables (which tables are present at any time depends on the kernel configuration options and which modules are
present).
-t, --table table
This option specifies the packet matching table which the command should operate on. If the kernel is configured with automatic module loading,
an attempt will be made to load the appropriate module for that table if it is not already there.
The tables are as follows:
filter:
This is the default table (if no -t option is passed). It contains the built-in chains INPUT (for packets destined to local sockets), FOR-
WARD (for packets being routed through the box), and OUTPUT (for locally-generated packets).
nat:
This table is consulted when a packet that creates a new connection is encountered. It consists of three built-ins: PREROUTING (for altering
packets as soon as they come in), OUTPUT (for altering locally-generated packets before routing), and POSTROUTING (for altering packets as
they are about to go out).
:
Which one should I do next?
-
- Posts: 471
- Joined: 2005-09-10 17:52
- Location: Frankfurt am Main
Re: Banned IP
Read what it says further down.
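
Added example, not part of the original thread: the `-L` entry in the synopsis quoted above is the list command (`iptables -L INPUT -n` prints the INPUT chain with numeric addresses), and the shell function below goes one step further by extracting only the banned source addresses from rules in `iptables -S` format. The function name `banned_sources` and the sample rules are constructed for illustration; only the first sample address comes from the thread.

```shell
#!/bin/sh
# Print "CHAIN SOURCE" for every rule that drops traffic from a given source.
# Input on stdin: rules in the format printed by `iptables -S`, one per line.
banned_sources() {
    awk '
    $1 == "-A" {
        chain = $2; src = ""; target = ""; negated = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-s" || $i == "--source") {
                # "! -s addr" matches everything EXCEPT addr,
                # so addr itself is not banned by that rule.
                if ($(i-1) == "!") negated = 1
                src = $(i+1)
            } else if ($i == "-j" || $i == "--jump") {
                target = $(i+1)
            }
        }
        if (target == "DROP" && src != "" && !negated) {
            sub(/\/32$/, "", src)   # show single hosts without the /32 suffix
            print chain, src
        }
    }'
}

# Constructed sample input (hypothetical ruleset, not taken from a real host).
SAMPLE_RULES='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 78.175.212.80/32 -j DROP
-A INPUT -s 192.0.2.0/24 -j DROP
-A INPUT ! -s 198.51.100.7/32 -p tcp -m tcp --dport 22 -j DROP
-A INPUT -s 203.0.113.9/32 -j ACCEPT
-A INPUT -p icmp -j DROP'

# Run against the sample; on a live system (as root) use:
#   iptables -S | banned_sources
printf '%s\n' "$SAMPLE_RULES" | banned_sources
```

To remove one of the listed bans, `iptables -L INPUT -n --line-numbers` shows the rule number that the `-D chain rulenum` form in the synopsis expects.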