Last Updated: February 25, 2016
·
1.945K
· pmaoui

Iptables - Cheatsheet

Iptables is the most popular firewall on linux. If you want to secure a server, here are some useful commands that I use.

# ensure to accept the connection in first place
iptables -P INPUT ACCEPT

# accept already established connection (lDNS queries etc)
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# put your ip here and get full access to your server
iptables -A INPUT -s {YOUR_IP_HERE} -j ACCEPT

# if you want your server to respond to ping request
iptables -A INPUT -p icmp  -j ACCEPT

# open a specific port (here HTTP)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT

# all other request will be dropped
iptables -P INPUT DROP

If you want to keep your configuration persistent after a reboot, you should install iptables-persistent


Other tips :

Check all rules with line numbers :

iptables -L --line-numbers

Delete a rule based on its line number (useful with the previous command) :

iptables -D INPUT 14