Dec 092009

Iptables is a Linux kernel-level module allowing us to perform various networking manipulations (i.e. packet filtering) to achieve better network security.
Here are some iptables commands I have found useful. This list will be updated from time to time.
View all current iptables rules:

iptables -L -v

View all INPUT rules:

iptables -L INPUT -nv

How to block an IP address using iptables:

iptables -I INPUT -s “” -j DROP

To block a range of IP addresses:

iptables -I INPUT -s “” -j DROP

How to unblock an IP address:

iptables -D INPUT -s “” -j ACCEPT
Accept packets from trusted IP addresses
/sbin/iptables -A INPUT -s -j ACCEPT
How to block all connections to a port:
To block port 25:

iptables -A INPUT -p tcp –dport 25 -j DROP
iptables -A INPUT -p udp –dport 25 -j DROP

How to un-block:
To enable port 25:

iptables -A INPUT -p tcp –dport 25 -j ACCEPT
iptables -A INPUT -p udp –dport 25 -j ACCEPT

To save all rules so that they are not lost in case of a server reboot:

/etc/init.d/iptables save

 Posted by at 11:58 pm