iptables Quickstart Guide

Last Updated: Mon, Apr 13, 2020
Quickstart Guides Security System Admin

iptables is a utility program used to configure the Linux kernel firewall. This quickstart guide outlines several useful commands and techniques to assist in debugging iptables.

List all running rules

To view the current firewall rules:

sudo iptables -L -v

Disable and flush iptables

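To disable the firewall temporarily, set the default policy of every chain to ACCEPT, then flush all rules. Set the policies first: flushing a chain whose policy is still DROP leaves nothing to accept traffic and can cut off a remote session.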

sudo iptables -P INPUT ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -F

Deny all traffic

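To block everything, set the default policy of every chain to DROP. The policy applies to packets that no rule in the chain matched, so on a host with no accept rules this drops all packets on all chains, including your own SSH session.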

sudo iptables -P INPUT DROP
sudo iptables -P OUTPUT DROP
sudo iptables -P FORWARD DROP

A common example

Here is a common example to allow SSH, HTTP and HTTPS, but drop everything else.

Step 1

Append one rule per port to the INPUT chain, each matching:

  • Protocol TCP
  • Destination port 22 (SSH), 80 (HTTP) or 443 (HTTPS)

For those packets, jump to ACCEPT.

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Step 2

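Append a rule to the INPUT chain: Drop everything else. This rule matches every packet that the rules before it did not accept, which includes loopback traffic and replies to connections the server itself opens, since Step 1 accepts only ports 22, 80 and 443.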

sudo iptables -A INPUT -j DROP
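
Because both steps use -A (append), any rule appended after the final DROP is never reached. The script below is an added example, not part of the original guide: it reads rules in iptables -S format and reports rules that sit behind an unconditional ACCEPT, DROP or REJECT in the same chain. The function names and the port 8080 rule in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: report rules that can never match because an earlier rule in
# the same chain is an unconditional ACCEPT, DROP or REJECT.
# Input:  rules in `iptables -S` format on stdin.
# Output: one line per unreachable rule,
#         "<chain>: <rule> (after: <terminal rule>)".
shadowed_rules() {
    awk '
        $1 != "-A" { next }                  # skip -P policy and -N lines
        {
            chain = $2
            if (chain in terminal) {         # an earlier rule already ends this chain
                printf "%s: %s (after: %s)\n", chain, $0, terminal[chain]
                next
            }
            # No match options before -j means the rule applies to every packet.
            if ($3 == "-j" && $4 ~ /^(ACCEPT|DROP|REJECT)$/)
                terminal[chain] = $0
        }
    '
}

# Constructed sample: the ruleset from Step 1 and Step 2, followed by a rule
# for port 8080 that was appended after the final DROP.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
EOF
}

sample_rules | shadowed_rules
```

On a live host, pipe the real ruleset in with sudo iptables -S | shadowed_rules. A rule reported here has to be placed ahead of the terminal rule, for example with -I (insert) instead of -A.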
