Iptables cheat sheet

Posted on November 17th, 2009 under Cheat Sheets by Stephen

Iptables is a Linux kernel-level module allowing us to perform various networking manipulations (e.g. packet filtering) to achieve better network security.

Here are some iptables commands I have found useful. This list will be updated from time to time.

View all current iptables rules:

iptables -L -v

 

View all INPUT rules:

iptables -L INPUT -nv

 

How to block an IP address using iptables:

iptables -I INPUT -s "201.128.33.200" -j DROP

 

To block a range of IP addresses:

iptables -I INPUT -s "201.128.33.0/24" -j DROP

 

How to unblock an IP address:

iptables -D INPUT -s "201.128.33.200" -j DROP

 

How to block all connections to a port:
To block port 25:

iptables -A INPUT -p tcp --dport 25 -j DROP
iptables -A INPUT -p udp --dport 25 -j DROP

 

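How to un-block:
To enable port 25 again, delete the DROP rules added above. Appending ACCEPT rules with -A would not help, because they would sit after the DROP rules and iptables acts on the first match:

iptables -D INPUT -p tcp --dport 25 -j DROP
iptables -D INPUT -p udp --dport 25 -j DROP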
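
Rule order decides the outcome: iptables walks a chain from the top and stops at the first rule with a terminating target, so an ACCEPT that sits below a DROP with the same match never fires. The script below is an added example, not part of the original post. It reads `iptables -S` style output and flags such shadowed rules. The function names are hypothetical, and the sample ruleset is constructed (a port 25 DROP pair followed by appended ACCEPT rules).

```shell
#!/bin/sh
# Added example: flag rules that can never match because an earlier rule in
# the same chain has the identical match and a terminating target.
# Reads `iptables -S` style output on stdin.
shadowed_rules() {
    awk '
    $1 == "-A" {
        chain = $2
        pos[chain]++            # rule number, as shown by -L --line-numbers
        spec = ""; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") { target = $(i + 1); break }
            spec = spec " " $i
        }
        key = chain spec
        if (key in winner) {
            # Same match seen earlier with a terminating target: unreachable.
            if (winner[key] != target)
                printf "%s rule %d (-j %s) never matches: rule %d (-j %s) wins for%s\n",
                       chain, pos[chain], target, winner_pos[key], winner[key], spec
        } else if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
            # Only terminating targets stop evaluation (LOG, for example, does not).
            winner[key] = target
            winner_pos[key] = pos[chain]
        }
    }'
}

# Constructed sample: what `iptables -S INPUT` would show after blocking
# port 25 with -A ... DROP and then appending -A ... ACCEPT rules.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -s 201.128.33.200/32 -j DROP
-A INPUT -p tcp -m tcp --dport 25 -j DROP
-A INPUT -p udp -m udp --dport 25 -j DROP
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p udp -m udp --dport 25 -j ACCEPT
EOF
}

sample_rules | shadowed_rules
```

On a live host, run `iptables -S INPUT | shadowed_rules` as root. It only compares rules whose match text is identical, so a broader rule that covers a narrower one is not detected.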

 

To save all rules so that they are not lost when the server reboots (this init script is available on Red Hat-style systems):

/etc/init.d/iptables save
