# The Linux iptables Command

The Linux `iptables` command is a powerful tool for configuring and managing firewall rules. It allows users to define rules for incoming and outgoing traffic, set policies for handling packets, and ensure network security. This guide provides a complete overview of `iptables`, with examples to illustrate key uses.
## Key Usage and Syntax of the iptables Command

The `iptables` command follows a general syntax structure:

```
iptables [OPTIONS] COMMAND CHAIN RULE
```

- OPTIONS modify the behavior of `iptables`, like `-v` for verbose output.
- COMMAND specifies the action, such as `-A` to append a rule or `-D` to delete a rule.
- CHAIN is the target chain where the rule will be applied (e.g., `INPUT`, `OUTPUT`, or `FORWARD`).
- RULE defines criteria like source, destination, protocol, etc.
## iptables Command Cheatsheet Table

| Command | Description |
|---|---|
| `iptables -L` | List all rules in the default filter table |
| `iptables -A INPUT -s <IP> -j DROP` | Block all incoming traffic from a specific IP |
| `iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT` | Allow outgoing traffic on port 80 (HTTP) |
| `iptables -D INPUT -s <IP> -j DROP` | Delete a specific rule that blocks an IP |
| `iptables -F` | Flush all rules in the filter table |
| `iptables -P INPUT DROP` | Set default policy for INPUT chain to DROP |
## Commonly Used Chains in iptables

- `INPUT`: Handles incoming connections to the host.
- `OUTPUT`: Manages outgoing connections from the host.
- `FORWARD`: Manages packets that are routed through the host.
## Examples of iptables Commands

### Listing All Rules

```
iptables -L
```

This command lists all the rules in the current `iptables` configuration (the default filter table), along with details of each rule:

```
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  192.168.1.100        anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
```
### Allowing Specific Traffic

To allow incoming traffic on a specific port, such as SSH (port 22):

```
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
```

This command appends a rule allowing TCP traffic on port 22 to the INPUT chain.
### Blocking Traffic from an IP Address

```
iptables -A INPUT -s 192.168.1.100 -j DROP
```

This command blocks all incoming traffic from the specified IP address.
### Flushing All Rules

```
iptables -F
```

Use this command to flush (remove) all rules in the default filter table, resetting all chains. Note that `-F` removes rules only; the chain policies set with `-P` stay in effect.
### Setting Default Policies

Set a default policy to drop incoming packets:

```
iptables -P INPUT DROP
```

This command sets the default policy for the INPUT chain to `DROP`, blocking any traffic not explicitly allowed by a rule.
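The commands above install one rule at a time, so the order they run in matters: if `iptables -P INPUT DROP` is issued before the allow rules exist, the host begins dropping everything, including the SSH session you are typing into. The script below is an added example, not code from the page: it builds a default-deny INPUT chain with the loopback, connection-tracking and SSH rules installed first and the DROP policy last, prints the commands by default, and only executes them when run as root with `APPLY=1`. The `iptables` binary name, the SSH port of 22, the ICMP echo allow and the `conntrack` match are assumptions on my part.

```shell
#!/bin/sh
# Added example (not from the original page): build a default-deny INPUT
# chain in an order that does not lock out an existing SSH session.
# Dry run by default: the commands are printed. Set APPLY=1 and run as
# root to execute them. IPT is the iptables binary (assumed to be in PATH).
IPT="${IPT:-iptables}"
SSH_PORT="${SSH_PORT:-22}"   # assumption: SSH listens on port 22

# Emit the rules in dependency order, one iptables invocation per line:
# 1. loopback first: local services (resolvers, databases) talk over lo
# 2. conntrack rule: keeps replies to outbound connections and the current
#    SSH session alive before anything restrictive is installed
# 3. explicit service allow rules (SSH, ICMP echo)
# 4. the DROP policy is set LAST, once the allow rules are already in place
input_ruleset() {
    cat <<EOF
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -m conntrack --ctstate INVALID -j DROP
$IPT -A INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -j ACCEPT
$IPT -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
$IPT -P INPUT DROP
EOF
}

# Return 0 if the DROP policy is the final command, i.e. no allow rule
# would be added after the chain has already started dropping traffic.
policy_is_last() {
    last=$(input_ruleset | tail -n 1)
    case "$last" in
        *"-P INPUT DROP") return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 if SSH is accepted somewhere before the policy switch, which is
# the condition for keeping the administrative session open.
ssh_allowed_before_policy() {
    input_ruleset | sed '/-P INPUT DROP/,$d' | grep -q -- "--dport $SSH_PORT .*-j ACCEPT"
}

if [ "${APPLY:-0}" = "1" ]; then
    policy_is_last || { echo "refusing: DROP policy must be the last command" >&2; exit 1; }
    ssh_allowed_before_policy || { echo "refusing: no SSH allow rule before DROP policy" >&2; exit 1; }
    input_ruleset | sh -e
else
    input_ruleset
fi
```

Run it once without `APPLY` to review the generated commands, then `APPLY=1 sudo sh harden-input.sh` to execute them; `sh -e` stops at the first failing command so a typo in an early rule does not leave the chain half built with the policy already flipped.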
## Saving and Restoring iptables Rules

After setting up `iptables` rules, save them to persist across reboots.

- Save:

  ```
  iptables-save > /etc/iptables/rules.v4
  ```

- Restore:

  ```
  iptables-restore < /etc/iptables/rules.v4
  ```
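The file written by `iptables-save` has a simple line-oriented format, and `iptables-restore` loads a whole table from it atomically, so there is no window in which only part of the policy is active. The script below is an added example, not code from the page: it writes a default-deny INPUT chain in that format, checks its structure without needing root, and validates it with `iptables-restore --test` (which parses and builds the ruleset without committing it) before moving it into place. The path `/etc/iptables/rules.v4` is the one used on the page; the rule contents, the `WRITE=1` switch and the `RULES_FILE` override are my assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): produce a ruleset in
# iptables-save format and validate it before it is ever loaded.
RULES_FILE="${RULES_FILE:-/etc/iptables/rules.v4}"

# Print the ruleset in the format iptables-save emits and iptables-restore
# consumes: one "*table" header per table, default policies written as
# ":CHAIN POLICY [packets:bytes]", then the rules, then COMMIT.
rules_v4() {
    cat <<'EOF'
# Constructed example ruleset in iptables-save format
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
COMMIT
EOF
}

# Structural check that needs no root: every "*table" block that is opened
# must be closed by a COMMIT line, otherwise iptables-restore rejects it.
ruleset_is_well_formed() {
    tables=$(printf '%s\n' "$1" | grep -c '^\*')
    commits=$(printf '%s\n' "$1" | grep -c '^COMMIT$')
    [ "$tables" -gt 0 ] && [ "$tables" -eq "$commits" ]
}

# Policy check: the INPUT chain must default to DROP in the saved file,
# since a restored ACCEPT policy silently undoes the hardening.
input_policy_is_drop() {
    printf '%s\n' "$1" | grep -q '^:INPUT DROP '
}

# Kernel-side parse check. `iptables-restore --test` builds the ruleset
# without committing it; it needs root and the iptables tools, so it is
# skipped (and reported) when either is unavailable.
restore_test() {
    if command -v iptables-restore >/dev/null 2>&1 && [ "$(id -u)" = 0 ]; then
        iptables-restore --test "$1"
    else
        echo "iptables-restore --test skipped (needs root and iptables)" >&2
        return 0
    fi
}

if [ "${WRITE:-0}" = "1" ]; then
    content=$(rules_v4)
    ruleset_is_well_formed "$content" || { echo "malformed ruleset" >&2; exit 1; }
    input_policy_is_drop "$content" || { echo "INPUT policy is not DROP" >&2; exit 1; }
    tmp=$(mktemp)
    printf '%s\n' "$content" > "$tmp"
    restore_test "$tmp" && mv "$tmp" "$RULES_FILE" && echo "wrote $RULES_FILE"
else
    rules_v4
fi
```

Without `WRITE=1` the script just prints the ruleset for review; with it, the file is only moved into `/etc/iptables/rules.v4` after both the structural check and the kernel-side parse succeed, and it can then be loaded with `iptables-restore < /etc/iptables/rules.v4` as the page shows.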
## Summary

The `iptables` command provides granular control over packet filtering and firewall management on Linux. With it, users can define rules for different types of network traffic, block or allow specific IPs, and set default policies for added security.