Dec 09 2009
 

Iptables is a Linux kernel-level module allowing us to perform various networking manipulations (e.g. packet filtering) to achieve better network security.
Here are some iptables commands I have found useful. This list will be updated from time to time.
__________________________
View all current iptables rules:

iptables -L -v

__________________
View all INPUT rules:

iptables -L INPUT -nv

____________________________________
How to block an IP address using iptables:

iptables -I INPUT -s "201.128.33.200" -j DROP

____________________________
To block a range of IP addresses:

iptables -I INPUT -s "201.128.33.0/24" -j DROP

__________________________
How to unblock an IP address:

iptables -D INPUT -s "201.128.33.200" -j DROP
Or, to accept packets from a trusted IP address:
/sbin/iptables -A INPUT -s 192.168.0.4 -j ACCEPT
________________________________
How to block all connections to a port:
To block port 25:

iptables -A INPUT -p tcp --dport 25 -j DROP
iptables -A INPUT -p udp --dport 25 -j DROP

_______________
How to un-block:
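To enable port 25 again, delete the DROP rules added above (ACCEPT rules appended with -A would sit after the DROP rules and never match):

iptables -D INPUT -p tcp --dport 25 -j DROP
iptables -D INPUT -p udp --dport 25 -j DROP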
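
iptables stops at the first rule in a chain whose match applies and whose target is DROP, ACCEPT or REJECT, so the order of the block and un-block rules above matters. The following is an added example, not part of the original post: it scans `iptables -S` output for rules that repeat the exact match of an earlier rule and are therefore never reached. The function names and the sample rule list are constructed for illustration.

```shell
#!/bin/sh
# Added example: find rules that can never match because an earlier rule in
# the same chain has the identical match and a terminating target.
# Only exact duplicates of a match are detected (no CIDR containment logic).

find_shadowed() {
    # Reads `iptables -S` style lines on stdin.
    awk '
    $1 == "-A" {
        chain = $2; spec = ""; target = ""
        # Everything between the chain name and -j is the match specification.
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") { target = $(i + 1); break }
            spec = spec " " $i
        }
        key = chain SUBSEP spec
        if (key in first) {
            printf "%s:%s -j %s is shadowed by earlier -j %s\n", \
                   chain, spec, target, first[key]
        } else if (target == "DROP" || target == "ACCEPT" || target == "REJECT") {
            first[key] = target
        }
    }'
}

# Constructed sample: the state after blocking port 25 with -A ... DROP and
# then trying to re-open it with -A ... ACCEPT for tcp only.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -s 201.128.33.200/32 -j DROP
-A INPUT -p tcp -m tcp --dport 25 -j DROP
-A INPUT -p udp -m udp --dport 25 -j DROP
-A INPUT -s 192.168.0.4/32 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
EOF
}

sample_rules | find_shadowed
```

On a live host, run `iptables -S INPUT | find_shadowed` as root to check the real rule set.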

__________________________________________________________
To save all rules so that they are not lost in case of a server reboot:

/etc/init.d/iptables save

 Posted by at 11:58 pm
