Simple IPtables Rules For Linux Administrator

In this post we go through basic but useful iptables commands for Linux administrators: listing the current rules, flushing and persisting them, controlling the firewall service, and blocking or allowing traffic by address, range and port. Unless stated otherwise the commands act on the filter table, which is the table iptables uses when no -t option is given.

List Of Simple IPtables Rules For Linux Administrator

Check the Current Rules

Run the following command to list the rules in every chain of the filter table (add -t nat, -t mangle or -t raw to see the other tables). Without -n, iptables tries to resolve every address and port name, which can make the listing slow on a host without working DNS.

$ sudo iptables -L

Check the Default Policy Chain Behavior

Run the following command to print the default policy of each built-in chain. The policy is what happens to a packet that matches no rule in the chain, and it appears in each chain header as "policy ACCEPT" or "policy DROP".

$ sudo iptables -L | grep policy

Check Iptables Status

iptables is not a daemon, so its "status" is the loaded ruleset together with the hit counters. The -v option adds a packets and bytes column to every chain header and rule, which is the quickest way to see whether a rule is matching anything at all.

$ sudo iptables -L -v

List Rules by Specification

The -S option prints every rule as the command-line options that would recreate it, in the same format iptables-save uses. This form is easier to copy into scripts, and it is the exact specification you need when deleting a rule with -D.

$ sudo iptables -S

Reset Iptables Rules

Run the following command to flush, that is delete, every rule in every chain of the filter table. Note what -F does not do: it does not reset the chain policies, delete user-defined chains (-X) or zero the counters (-Z), and it does not touch the nat, mangle or raw tables. If the INPUT policy is DROP, flushing removes the rules that allowed your SSH session while keeping the DROP policy, so set the policies back to ACCEPT with -P before flushing on a remote host.

$ sudo iptables -F

Starting the Iptables Firewall

Run the following command to start the iptables service on a host that uses systemd. The unit comes from the iptables-services package on RHEL, CentOS and Fedora and loads the ruleset saved in /etc/sysconfig/iptables; Debian and Ubuntu do not ship an "iptables" unit and instead use netfilter-persistent from the iptables-persistent package, which loads /etc/iptables/rules.v4 and rules.v6.

$ sudo systemctl start iptables
On systems that use sysvinit:

$ sudo /etc/init.d/iptables start

Flush Iptables and Persist Changes

To flush the filter table and make the empty ruleset permanent, redirect the output of iptables-save into the file the boot-time loader reads. Running iptables-save on its own only prints the ruleset to standard output and persists nothing. The path below is the one netfilter-persistent uses on Debian and Ubuntu; on RHEL-style systems use /etc/sysconfig/iptables, or the service save command in the next section.

$ sudo sh -c 'iptables -F && iptables-save > /etc/iptables/rules.v4'

Saving Modified Iptables

On RHEL, CentOS and Fedora with the iptables-services package installed, the following command writes the live ruleset to /etc/sysconfig/iptables so it is reloaded at boot.

$ sudo service iptables save
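The flush and persist steps above are easy to get wrong in the two ways just described: flushing with a DROP policy still in place, and "saving" with a bare iptables-save that only prints. The script below is an added example, not code from the original post, that does both steps in a safe order for every table and writes the ruleset atomically to the persistence file. The IPTABLES, IPTABLES_SAVE and RULES_FILE variables are hypothetical knobs introduced here so the functions can be pointed at stub commands; with the defaults they call the real tools and the Debian/Ubuntu rules path.

```shell
#!/bin/sh
# Added example (not from the original post): open the policies, flush every
# table, then persist the result. IPTABLES, IPTABLES_SAVE and RULES_FILE are
# hypothetical variables so the functions can be tested against stubs.
IPTABLES="${IPTABLES:-iptables}"
IPTABLES_SAVE="${IPTABLES_SAVE:-iptables-save}"
RULES_FILE="${RULES_FILE:-/etc/iptables/rules.v4}"   # Debian/Ubuntu; RHEL: /etc/sysconfig/iptables

# Set the built-in chain policies to ACCEPT BEFORE flushing. "iptables -F"
# removes rules but keeps policies, so flushing a filter table whose INPUT
# policy is DROP drops every connection, including the SSH session running
# this script. Then flush rules (-F), delete user chains (-X) and zero the
# counters (-Z) in all four tables, not only the filter table.
reset_all_tables() {
    for chain in INPUT FORWARD OUTPUT; do
        $IPTABLES -P "$chain" ACCEPT || return 1
    done
    for table in filter nat mangle raw; do
        $IPTABLES -t "$table" -F || return 1
        $IPTABLES -t "$table" -X || return 1
        $IPTABLES -t "$table" -Z || return 1
    done
}

# Write the live ruleset where the boot-time loader expects it. iptables-save
# prints to stdout only, so the output has to be redirected; writing to a temp
# file and renaming keeps a half-written file from being loaded at boot.
persist_rules() {
    dir=$(dirname "$RULES_FILE")
    [ -d "$dir" ] || mkdir -p "$dir" || return 1
    tmp="$RULES_FILE.tmp.$$"
    $IPTABLES_SAVE > "$tmp" || { rm -f "$tmp"; return 1; }
    chmod 600 "$tmp"          # the ruleset describes the firewall; keep it root-only
    mv "$tmp" "$RULES_FILE"
}

# Only touch the live firewall when invoked as: sh reset-iptables.sh --apply
case "${1:-}" in
    --apply)
        [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }
        reset_all_tables && persist_rules && echo "reset and saved to $RULES_FILE"
        ;;
esac
```

Run it as root with --apply; without the flag it only defines the functions, so it can be sourced or tested safely. On a RHEL-style host set RULES_FILE=/etc/sysconfig/iptables, or keep using service iptables save for the persistence step.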

Stopping the Iptables Firewall

For systems that use systemd. On RHEL-style hosts stopping the service flushes the rules and sets the policies to ACCEPT, so the host is left open, not closed.

$ sudo systemctl stop iptables

For systems running sysvinit.

$ sudo /etc/init.d/iptables stop

Restarting the Iptables Firewall

Run the following command on a systemd host to restart the iptables service, which reloads the saved ruleset.

$ sudo systemctl restart iptables

Check All Existing Rules

Run the following command to print every rule in the filter table with packet and byte counters (-v) and without resolving addresses and ports to names (-n), which is the form you want when reviewing a ruleset on a busy or DNS-less host.

$ sudo iptables -L -n -v

Check Existing Rules for Specific Tables

Run the following command to check the rules of a specific table; the example below shows the nat table, which holds the PREROUTING, POSTROUTING and port-forwarding rules that never appear in the default filter listing.

$ sudo iptables -t nat -L -v -n

List Rules for TCP Chains Only

TCP and UDP here are the names of user-defined chains, a common layout in which the INPUT chain jumps to one chain per protocol. They do not exist on a fresh system: unless you created them with -N, the command below fails with "No chain/target/match by that name". Run the following command to list the rules of a chain named TCP.

$ sudo iptables -S TCP

List Rules for UDP Chains Only

For the rules of a chain named UDP.

$ sudo iptables -S UDP

Block all Incoming Requests

Run the following command to block all incoming requests by setting the INPUT chain policy to DROP, so that any packet no rule accepts is discarded. Do this only after adding the rules that accept loopback traffic, established connections and your own administrative source address, otherwise the SSH session you are typing in is the first thing that stops working. Appending a catch-all DROP rule with -A has the same effect, but every rule appended after it is then unreachable, so the policy is the better tool.

$ sudo iptables -P INPUT DROP

Block a Specific IP Address

Run the following command to drop all traffic from a specific source address (replace xxx.xxx.xxx.xxx with the address). -A appends the rule at the end of the INPUT chain; use -I instead to insert it at the top so it is evaluated before any earlier ACCEPT rule.

$ sudo iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP

Block all TCP requests from an IP

Run the following command to block all TCP requests from an IP.

$ sudo iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -j DROP

Unblock an IP Address

Run the following command to unblock an IP address. -D deletes the first rule that matches the given specification exactly, so the address, protocol and target must be repeated as they were when the rule was added (iptables -S shows that form).

$ sudo iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP

Block IP Address Ranges

The command below drops all incoming requests from the range xxx.xxx.xxx.0/24 (the whole /24, 256 addresses).

$ sudo iptables -A INPUT -s xxx.xxx.xxx.0/24 -j DROP

Unblock IP Address Ranges

To unblock the same range, delete the rule with -D using the identical specification.

$ sudo iptables -D INPUT -s xxx.xxx.xxx.0/24 -j DROP

Block all TCP requests for Given IP Range

Command to block all TCP requests from a given IP range, say xxx.xxx.xxx.0/24.

$ sudo iptables -A INPUT -p tcp -s xxx.xxx.xxx.0/24 -j DROP

Unblock all TCP requests for Given IP Range

Run the following command to unblock TCP requests from the given range again.

$ sudo iptables -D INPUT -p tcp -s xxx.xxx.xxx.0/24 -j DROP

Block TCP Connections on Specific Ports

Block a specific port; the example below uses port 256. Note the chain: a rule in OUTPUT with --dport 256 blocks connections this host makes to port 256 on other machines. To block inbound connections to port 256 on this host, put the same rule in the INPUT chain instead.

$ sudo iptables -A OUTPUT -p tcp --dport 256 -j DROP

Allow TCP Connections on Port 80

Run the command below to accept TCP connections to port 80, but only from the source range xxx.xxx.xxx.0/24; drop the -s option to accept them from anywhere. Because -A appends, this rule only takes effect if no earlier rule in INPUT already drops the same traffic.

$ sudo iptables -A INPUT -p tcp -s xxx.xxx.xxx.0/24 --dport 80 -j ACCEPT

Drop TCP Connections on Port 80

The command below silently drops TCP connections to port 80 from the range xxx.xxx.xxx.0/24: the client sees a timeout. To send an explicit error (a TCP reset or an ICMP unreachable) so that the client fails fast, use the REJECT target instead of DROP.

$ sudo iptables -A INPUT -p tcp -s xxx.xxx.xxx.0/24 --dport 80 -j DROP
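The block, unblock and allow commands above only behave as intended when they are applied in the right order, because iptables evaluates a chain top to bottom and stops at the first terminating match. The script below is an added example, not code from the original post: it generates a small INPUT ruleset in iptables-restore format that combines the post's rules (drop a host, drop a range, allow port 80 from a range, drop everything else via the policy) in a working order, and it includes a checker that reads a ruleset and reports rules that can never match because a catch-all DROP or ACCEPT precedes them in the same chain. All addresses are constructed from the RFC 5737 documentation ranges and the variable names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Addresses below are constructed
# from RFC 5737 documentation ranges; the variables are hypothetical knobs.
BLOCKED_HOST="${BLOCKED_HOST:-203.0.113.7}"     # host to drop entirely
BLOCKED_NET="${BLOCKED_NET:-198.51.100.0/24}"   # range whose TCP traffic is dropped
ADMIN_NET="${ADMIN_NET:-192.0.2.0/24}"          # only source allowed to reach SSH
WEB_NET="${WEB_NET:-192.0.2.0/24}"              # only source allowed to reach port 80

# Emit an iptables-restore ruleset. Order matters: loopback and established
# connections first (so a DROP policy cannot cut the admin session), then the
# blocks, then the allows, and the INPUT policy of DROP handles everything
# else, which is what "block all incoming requests" means in practice.
baseline_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $BLOCKED_HOST -j DROP
-A INPUT -s $BLOCKED_NET -p tcp -j DROP
-A INPUT -s $ADMIN_NET -p tcp --dport 22 -j ACCEPT
-A INPUT -s $WEB_NET -p tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Read a ruleset (iptables-save / -S format) on stdin and print every rule
# that follows a catch-all "-A CHAIN -j DROP|ACCEPT|REJECT" in the same chain.
# Such rules are unreachable: the catch-all terminates evaluation first. This
# is exactly what happens when an ACCEPT for port 80 is appended with -A after
# a blanket DROP. Exit status 1 when at least one unreachable rule is found.
find_unreachable_rules() {
    awk '
        $1 == "-A" {
            chain = $2
            if (chain in catchall) { print "unreachable: " $0; found = 1; next }
            # four fields and a terminating target means "match everything"
            if (NF == 4 && $3 == "-j" &&
                ($4 == "DROP" || $4 == "ACCEPT" || $4 == "REJECT"))
                catchall[chain] = 1
        }
        END { exit found ? 1 : 0 }
    '
}

# Only touch the live firewall when invoked as: sh baseline.sh --apply
case "${1:-}" in
    --apply)
        [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }
        baseline_ruleset | find_unreachable_rules || exit 1
        baseline_ruleset | iptables-restore && echo "baseline ruleset applied"
        ;;
esac
```

Pipe the output of iptables -S through find_unreachable_rules to audit an existing host; the checker only detects rules shadowed by a catch-all, not rules shadowed by an earlier rule with the same specific match, so it is a first pass rather than a full reachability analysis. Before applying the baseline on a remote host, make sure ADMIN_NET covers the address you are connecting from.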