@sburlot
Created Mar 7, 2018
remove an iptables rule, passing an IP address to look for
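#!/usr/bin/perl
## unban an IP using iptables
## script will display the iptables command to run, it will not delete the rule (if found)
## Usage: ./unban.pl -ip=123.123.123.123
use strict;
use warnings;
use Getopt::Long;

my $banned_ip = "";
my $chain     = "";
my $target    = "";
my $found     = 0;

GetOptions("ip=s" => \$banned_ip);

# Anchor the pattern so only a dotted-quad address is accepted: the value is
# later printed inside a command line that the operator is told to run.
if ($banned_ip !~ /\A\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/) {
    print("\nUsage: $0 -ip=123.123.123.123\n\n");
    exit 1;
}

# List the rules only after the argument has been validated (needs root).
my @lines = `iptables -L -n`;
die "iptables -L -n failed\n" if $? != 0;

print("looking for: $banned_ip\n");
foreach my $line (@lines) {
    # "Chain INPUT (policy ACCEPT)" starts a new chain section
    if ($line =~ /^Chain\s+(\S+)\s/) {
        $chain = $1;
        # print("Chain: $chain\n");
        next;
    }
    # Rule line columns: target prot opt source destination
    if ($line =~ /^(\w+)\s+\S+\s+\S*\s+(\d+\.\d+\.\d+\.\d+)/) {
        my ($rule_target, $ip) = ($1, $2);
        if ($ip eq $banned_ip) {
            $target = $rule_target;
            print "Found: $ip ($chain, $target)\n";
            $found = 1;
            last;
        }
    }
}

if ($found) {
    my $cmd = "iptables -D $chain -s $banned_ip -j $target";
    print("Run this command:\n$cmd\n");
} else {
    print("Address $banned_ip not found\n");
}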