Commands guide for iptables firewall on linux os

Common Iptables Firewall Rules and Commands

What is Iptables?

Iptables is the software firewall that is included with most Linux distributions by default. How Iptables works: iptables is a command-line firewall utility that uses policy chains to allow or block traffic. When a connection tries to establish itself on your system, iptables looks for a rule in its list to match it to. If it doesn’t find one, it resorts to the default action.

for list of parameters visit Iptables command options and parameters on linux

Most common Iptables Firewall commands list:

  • To find your network interface run the following command:


    in the bellow examples the network interface eth0

  • Display the List of currently configured iptables rules:

    iptables -L
  • To clear all the currently configured iptables rules, you can issue the flush command:

    iptables -F
  • To Block connection from Specific ip-address run the command for example block ip

    iptables -A INPUT -s -j DROP
  • To Block SSH connection from Specific ip-address run the command for example block ip

    iptables -A INPUT -p tcp –dport ssh -s -j DROP
    This following shows how to block SSH connections from any IP address.
    iptables -A INPUT -p tcp –dport ssh -j DROP
  • Allow Incoming SSH only from a Sepcific Network as example allow ssh connection from 192.168.1.x network:

    iptables -A INPUT -i eth0 -p tcp -s –dport 22 -m state –state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp –sport 22 -m state –state ESTABLISHED -j ACCEPT
  • Ping iptables rules:

    • Allow Ping from Outside to Inside

      iptables -A INPUT -p icmp –icmp-type echo-request -j ACCEPT
      iptables -A OUTPUT -p icmp –icmp-type echo-reply -j ACCEPT
    • Allow Ping from Inside to Outside

      iptables -A OUTPUT -p icmp –icmp-type echo-request -j ACCEPT
      iptables -A INPUT -p icmp –icmp-type echo-reply -j ACCEPT
  • Allow All Incoming HTTP and HTTPS:

    iptables -A INPUT -i eth0 -p tcp –dport 80,443 -m state –state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp –sport 80,443 -m state –state ESTABLISHED -j ACCEPT
  • Allow MySQL connection only from a specific IP-address:

    iptables -A INPUT -i eth0 -p tcp -s –dport 3306 -m state –state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp –sport 3306 -m state –state ESTABLISHED -j ACCEPT
  • Allow outbound DNS:

    iptables -A OUTPUT -p udp -o eth0 –dport 53 -j ACCEPT
    iptables -A INPUT -p udp -i eth0 –sport 53 -j ACCEPT
  • iptables rule will help you prevent the Denial of Service (DoS) attack on your webserver:

    iptables -A INPUT -p tcp –dport 80 -m limit –limit 50/minute –limit-burst 200 -j ACCEPT
    Parameters Description:

    • -m limit: This uses the limit iptables extension
    • –limit 50/minute: This limits only maximum of 50 connection per minute. Change this value based on your specific requirement
    • –limit-burst 200: This value indicates that the limit/minute will be enforced only after the total number of connection have reached the limit-burst level.
  • Saving iptables Changes:

    The changes that you make to your iptables rules will be revoked next time that the iptables service restarted unless you execute a command to save the changes. This command can differ depending on your distribution Linux os:

    For Ubuntu OS:
    sudo /sbin/iptables-save
    For Red Hat / CentOS:
    /sbin/service iptables save
Share on facebook
Share on twitter
Share on linkedin
Share on telegram
Share on whatsapp

Related Posts