LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Old 02-19-2016, 02:30 AM   #1
postcd
Member
 
Registered: Oct 2013
Posts: 527

Rep: Reputation: Disabled
How to whitelist IP in the iptables while it is already there blocked?


Hello,

Some application is repeatedly blocking my IP in iptables (I don't know what her motive is, or which application it is).

It always adds the rule at the start of the INPUT chain. Here is the whole INPUT chain:

Quote:
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 DROP all -- my-ip-here.myprovider.tld anywhere
2 ACCEPT all -- my-ip-here.myprovider.tld anywhere
3 ACCEPT all -- anywhere anywhere
4 DROP all -- some-other-ip-i-want-to-block anywhere
At this state I'm blocked. So, considering the IP is added at the beginning of the chain, which exact command can I use to add a rule that will always override that first DROP rule for my IP? Thank you in advance.
 
Old 02-19-2016, 08:25 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,684

Rep: Reputation: 7971
Quote:
Originally Posted by postcd View Post
Hello,
Some application is repeatedly blocking my IP in iptables (I don't know what her motive is, or which application it is). It always adds the rule at the start of the INPUT chain. Here is the whole INPUT chain:

At this state I'm blocked. So, considering the IP is added at the beginning of the chain, which exact command can I use to add a rule that will always override that first DROP rule for my IP? Thank you in advance.
First, you don't tell us what the "some application" is, and mention "her motive"...but don't say who the "her" is, or tell us what environment this is in.

If this is at your place of work, and you are NOT the administrator/network administrator, then you don't need to be doing ANYTHING with the firewall rules on that box. Secondly, as you've been told many times before, did you try to actually READ and LEARN anything on your own? Perhaps reading the man page on the iptables command, or any of the VERY abundant documentation??? Asking us to spoon-feed you an 'exact command' is fairly rude...essentially, you're saying that your time is worth more than ours.

If you tried reading the man pages on iptables, you'd see that (amazingly), the -A means ACCEPT and the -D means DELETE..and there's ALSO a -L for LINE number, letting you delete one specific rule. Add them up, and you get something like:
Code:
iptables -A INPUT -i interface -p tcp --dport destination-port -j ACCEPT

...becomes...

iptables -D INPUT -i interface -p tcp --dport destination-port -j ACCEPT

...OR...

iptables -L INPUT --line-numbers

...which will output the INPUT rules with line numbers. Based on that, if you would like to delete the second rule:

iptables -D INPUT 2
Since we've now saved you the trouble of looking up the flags, you can actually TRY some of this on your own, and figure out the "exact command".

Last edited by TB0ne; 02-19-2016 at 08:26 AM.
 
Old 02-19-2016, 10:10 AM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,671
Blog Entries: 4

Rep: Reputation: 3945
Also, on the general subject of "whitelisting" ... do not use "whitelisting!"

You should be using OpenVPN ... with unique digital certificates (not "PSK = pre-shared keys = passwords"). And with tls_auth so that the server won't even "pick up the telephone" unless you have pre-identified yourself properly.

The Internet is not "a safe place." You should not be accepting regular, in-bound communications from sources that you cannot verify and whose traffic is not securely encrypted. OpenVPN not only accomplishes all of these things (in a nice, "cross-platform" way), but it is virtually invisible when in use. Once a secure "tunnel" (equals "router") or "bridge" (equals "switch") is established, clients simply talk to one another, "as though it were just an ordinary address" ... but the connection is secure.

Therefore, instead of using "white lists," establish tunnels.
 
1 members found this post helpful.
Old 02-23-2016, 09:21 AM   #4
postcd
Member
 
Registered: Oct 2013
Posts: 527

Original Poster
Rep: Reputation: Disabled
@TB0ne, ignored your post.
@sundialsvcs, thx for the certainly great general advice, but I wanted a solution for my question in this case.

Solution not yet found.

Last edited by postcd; 02-23-2016 at 09:23 AM.
 
Old 02-23-2016, 10:41 AM   #5
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: Rocky Linux
Posts: 4,783

Rep: Reputation: 2214
iptables rules are evaluated in sequence, and once a match happens in a rule with a terminating target (DROP, REJECT, ACCEPT, DNAT, etc.) no further rules are examined in that step. If that DROP rule is at the beginning of the INPUT chain, there is nothing you can do later that will affect it.
 
1 members found this post helpful.
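To make the first-match rule above concrete, here is an added Python example (not code from any poster in this thread) that simulates INPUT-chain evaluation over a captured `iptables -L INPUT --line-numbers` listing. The listing is constructed to have the same shape as the one in the original post, with the hostnames replaced by documentation addresses. It also answers the practical question raised in post #2: given only the listing, find the line number of the DROP rule for a source and produce the `iptables -D INPUT <num>` command that removes it, and it flags rules that can never be reached because an earlier catch-all rule terminates evaluation first. Running the real listing through it requires root and `iptables -L INPUT -n --line-numbers` (the `-n` flag avoids reverse-DNS names in the source column); the script itself runs offline on the sample.

```python
"""
Simulate iptables chain evaluation (first matching rule with a terminating
target wins) over a text listing, and derive the deletion command for a
DROP rule without knowing its line number in advance.
"""
import re
from dataclasses import dataclass

# Constructed sample listing; the addresses are RFC 5737 documentation
# ranges, not real hosts, and the rule shape mirrors the original post.
SAMPLE_LISTING = """\
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  203.0.113.7          anywhere
2    ACCEPT     all  --  203.0.113.7          anywhere
3    ACCEPT     all  --  anywhere             anywhere
4    DROP       all  --  198.51.100.9         anywhere
"""

# Targets that end evaluation of the chain for a matching packet.
TERMINATING = {"ACCEPT", "DROP", "REJECT", "DNAT", "SNAT", "MASQUERADE"}
# How iptables prints a wildcard source/destination with and without -n.
ANY = {"anywhere", "0.0.0.0/0"}


@dataclass
class Rule:
    num: int
    target: str
    proto: str
    source: str
    destination: str


def parse_listing(text):
    """Return (chain policy, [Rule, ...]) from an `iptables -L --line-numbers` dump."""
    policy, rules = None, []
    for line in text.splitlines():
        m = re.match(r"Chain \S+ \(policy (\w+)\)", line)
        if m:
            policy = m.group(1)
            continue
        parts = line.split()
        # Data rows start with the rule number; the header row does not.
        if len(parts) >= 6 and parts[0].isdigit():
            rules.append(Rule(int(parts[0]), parts[1], parts[2], parts[4], parts[5]))
    return policy, rules


def _source_matches(rule, src):
    return rule.source in ANY or rule.source == src


def evaluate(policy, rules, src):
    """First-match semantics: (verdict, rule number) or (chain policy, None)."""
    for r in rules:
        if _source_matches(r, src) and r.target in TERMINATING:
            return r.target, r.num
    return policy, None


def drop_rule_numbers(rules, src):
    """Line numbers of explicit DROP rules for src, highest first, so that
    deleting them in order does not renumber the rules still to be deleted."""
    return sorted((r.num for r in rules if r.target == "DROP" and r.source == src),
                  reverse=True)


def delete_commands(rules, src, chain="INPUT"):
    """The exact `iptables -D <chain> <num>` commands for the DROP rules on src."""
    return [f"iptables -D {chain} {n}" for n in drop_rule_numbers(rules, src)]


def shadowed_rules(rules):
    """Rule numbers that can never be hit: everything after the first
    terminating rule that matches any source and any destination."""
    for r in rules:
        if r.source in ANY and r.destination in ANY and r.target in TERMINATING:
            return [s.num for s in rules if s.num > r.num]
    return []


if __name__ == "__main__":
    policy, rules = parse_listing(SAMPLE_LISTING)
    verdict, num = evaluate(policy, rules, "203.0.113.7")
    print(f"203.0.113.7 -> {verdict} at rule {num}; the ACCEPT at rule 2 is never consulted")
    for cmd in delete_commands(rules, "203.0.113.7"):
        print("to remove the block:", cmd)
    print("unreachable rules:", shadowed_rules(rules))
```

Two things the simulation makes visible that the listing alone does not: the ACCEPT at rule 2 is dead because rule 1 already terminated evaluation for that source, and rule 4 is equally dead because the catch-all ACCEPT at rule 3 precedes it, so the "some-other-ip-i-want-to-block" entry in the original post is not actually blocking anything. Deleting by line number is only as good as the listing it came from; the numbers shift every time a rule is inserted or removed, which is why the helper emits deletions in descending order.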
Old 02-23-2016, 11:42 AM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,684

Rep: Reputation: 7971
Quote:
Originally Posted by postcd View Post
@TB0ne, ignored your post.
@sundialsvcs, thx for the certainly great general advice, but I wanted a solution for my question in this case.

Solution not yet found.
As you've been told MANY TIMES, STOP USING TEXT-SPEAK...read the LQ Rules. And just posting "solution not yet found" is not telling us what (if ANYTHING) you've done/tried. If you're just sitting there, waiting for someone to spoon-feed you an answer, good luck.

Also, you're VERY welcome for me handing you the answer, if you had bothered to put ANY effort into it. Again, you didn't read the man pages, didn't try to look anything up, and even when given a solution that requires you to do even a LITTLE work/learning of your own, you don't. You still don't tell us anything about the 'some application', who the "her" is, what kind of environment, or provide ANY details.

Again, you seem to be wanting to be spoon-fed an answer, with comments like "with exact command". Sorry, but if you're not going to provide details, answer questions, or show ANY effort of your own, why should anyone here respond to you???? This is much like many of your other posts....read the "Question Guidelines".
 
Old 02-24-2016, 04:01 AM   #7
postcd
Member
 
Registered: Oct 2013
Posts: 527

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by rknichols View Post
If that DROP rule is at the beginning of the INPUT chain, there is nothing you can do later that will affect it.
Thx, this was helpful. So in my case (when an IP DROP rule is added at the beginning of the chain) I need to execute some iptables command to remove an IP (even if I do not know on which line it is). Is that the only solution, apart from discovering which app is placing the rule? I assume I can discover such an app by searching for my IP through the filesystem and then through the MySQL databases.
 
Old 02-24-2016, 08:01 AM   #8
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,684

Rep: Reputation: 7971
Quote:
Originally Posted by postcd View Post
Thx, this was helpful.
...and again, STOP USING TEXT SPEAK...read the LQ RULES.
Quote:
So in my case (when an IP DROP rule is added at the beginning of the chain) I need to execute some iptables command to remove an IP (even if I do not know on which line it is). Is that the only solution, apart from discovering which app is placing the rule? I assume I can discover such an app by searching for my IP through the filesystem and then through the MySQL databases.
...or you could try actually paying attention.

The VERY FIRST REPLY, I handed you the commands to figure out which lines rules were on, and handed you the command to delete them. From the snotty PM's you sent me, you say you 'learn by internet'...at what point are you going to start? You were given commands, examples, pointed to the man pages, and even told WHICH flags to look at. How much more do you require before you can do something on your own???

AGAIN, as you were asked in post #2:
  • Which "some application" are you talking about?
  • You mention "her"...is that the network administrator???
  • If you're not the administrator, you SHOULD NOT be circumventing network security rules. Are you?
Again, if you're not going to answer questions, there isn't much point in posting. If you expect to be spoon-fed an 'exact command' to do EXACTLY what you want, with zero effort on your part, there is also not much point in asking questions...you should hire someone to do things for you.
 
Old 02-26-2016, 11:43 AM   #9
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,684

Rep: Reputation: 7971
...and a nice follow-up to the OP's question. From private-messages:
Quote:
Originally Posted by postcd
Please do not waste my time opening the thread because of your reply: (link to this thread). Your replies do not help me and I'm not reading them.
...and my personal favorite from the OP:
Quote:
Originally Posted by postcd
I'm not looking to waste hours of time reading some technical data to get an answer to my question.
..with a good runner-up:
Quote:
Originally Posted by postcd
If you see I'm looking for a solution, please do not fill my thread repeatedly with something I'm not interested in. It is just wasting my precious time, and we have already been reading from you that you want me/us to read the readme, so I assume it is a waste of time also for other future readers.
So, even after being handed answers and advice, THIS is how the OP behaves. Apparently, the OP's time is 'precious', but OUR time isn't, and we should look up the EXACT command for them, to save them the task of reading/learning something.

Last edited by TB0ne; 02-26-2016 at 11:50 AM.
 