HostOnNet Blog

APF Firewall, Removing IP from deny rules

Today a client told me he can't access his web site from his home, though it works fine from all other locations.

It could be the firewall blocking access from his IP address. The server uses APF Firewall, a popular iptables-based firewall for Linux servers.

The client's IP was 12.215.194.140.

So I checked the iptables rules with iptables -L:

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  12-215-194-140.client.mchsi.com  anywhere
DROP       all  --  24-171-54-241.dhcp.stls.mo.charter.com  anywhere
DROP       all  --  c-66-41-42-186.hsd1.mn.comcast.net  anywhere
DROP       all  --  cpe-069-134-069-189.carolina.res.rr.com  anywhere

I found the client's IP, listed as 12-215-194-140.client.mchsi.com, blocked by iptables.

So I checked the APF deny list:

cat /etc/apf/deny_hosts.rules

I found the IP in deny_hosts.rules, so I removed it and restarted the APF firewall:

/etc/apf/apf -r

The block is now removed and the client can access the server. He had been blocked by BFD, which runs on the server, for exceeding the failed login attempt limit.
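
The manual edit described above as a script, an added example rather than code from the original post: it removes one address from the deny list by exact line match, so a shorter address that is a prefix of another stays listed, and it keeps a backup. The function name apf_unblock, the .bak suffix and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# Tip: "iptables -L -n" lists numeric addresses instead of reverse-DNS names,
# which makes it easier to spot the blocked IP.

# apf_unblock RULES_FILE IP
# Returns 0 if removed, 1 if the IP was not listed, 2 on bad input, 3 on I/O error.
apf_unblock() {
    rules=$1
    ip=$2

    # Accept only a dotted quad; anything else is rejected before touching the file.
    printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || {
        echo "not an IPv4 address: $ip" >&2; return 2; }

    # -x = whole line, -F = fixed string: 12.215.194.14 must not match 12.215.194.140
    grep -qxF -- "$ip" "$rules" || {
        echo "$ip is not listed in $rules" >&2; return 1; }

    # Keep a copy of the list as it was before the change.
    cp -p -- "$rules" "$rules.bak" || return 3

    # Rewrite the original file in place (owner and mode are preserved).
    # grep -v exits 1 when nothing is left to print, which is not an error here.
    grep -vxF -- "$ip" "$rules.bak" > "$rules" || [ $? -eq 1 ] || return 3

    echo "removed $ip from $rules (backup: $rules.bak)"
}

# Constructed sample deny list; 12.215.194.14 is a made-up near match.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample entries
12.215.194.140
12.215.194.14
24.171.54.241
EOF

apf_unblock "$sample" 12.215.194.140 && cat "$sample"

# On the server itself the same call would be followed by the restart
# from the post:
#   apf_unblock /etc/apf/deny_hosts.rules 12.215.194.140 && /etc/apf/apf -r
```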

