Unblocking IPs from the Command Line

  • Hi,

    I was just wondering if it possible to handle any of the firewall rules from the command line.

    For example, can I list the rule or unblock/block an IP from the command line?

    Thanks in advance


  • Rebel Alliance Developer Netgate

    Not at this time, not easily anyhow.

    If it's in a rule or alias, you could hand edit the config (using viconfig) and then run /etc/rc.filter_configure

    If it's in a table that is dynamic, like snort or the ssh lockout, you can clear it on the command line with pfctl like so:

    pfctl -t sshlockout -T flush

    That would clear all entries in the sshlockout table

Log in to reply