Iptables cheat sheet
Iptables is a Linux kernel-level module that lets us perform various networking manipulations (e.g. packet filtering) to achieve better network security.
Here are some iptables commands I have found useful. This list will be updated from time to time.
View all current iptables rules:
iptables -L -v
View all INPUT rules:
iptables -L INPUT -nv
How to block an IP address using iptables:
iptables -I INPUT -s "201.128.33.200" -j DROP
To block a range of IP addresses:
iptables -I INPUT -s "201.128.33.0/24" -j DROP
How to unblock an IP address:
iptables -D INPUT -s "201.128.33.200" -j DROP
How to block all connections to a port:
To block port 25:
iptables -A INPUT -p tcp --dport 25 -j DROP
iptables -A INPUT -p udp --dport 25 -j DROP
How to un-block:
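To enable port 25 (rules are checked in order, so an ACCEPT appended with -A after the DROP rules above would never match; insert it at the top of the chain with -I instead):
iptables -I INPUT -p tcp --dport 25 -j ACCEPT
iptables -I INPUT -p udp --dport 25 -j ACCEPT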
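To confirm which rule actually decides traffic to a port after blocking and un-blocking it, the chain can be walked top to bottom the way the kernel does. The script below is an added example, not part of the original cheat sheet; the function name first_verdict and both sample rulesets are constructed for illustration, and it reads text in `iptables -S INPUT` format.

```shell
#!/bin/sh
# Added example: which rule decides a packet to PROTO/PORT? Reads text in
# `iptables -S INPUT` format on stdin. Assumption: only -p, -m <proto>,
# --dport and -j are understood; rules with other matches are skipped.
first_verdict() {   # usage: iptables -S INPUT | first_verdict tcp 25
    awk -v proto="$1" -v port="$2" '
        $1 == "-P" && $2 == "INPUT" { policy = $3; next }
        $1 == "-A" && $2 == "INPUT" {
            n++; p = ""; d = ""; t = ""; other = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") p = $(++i)
                else if ($i == "-m") { if ($(++i) != p) other = 1 }
                else if ($i == "--dport") d = $(++i)
                else if ($i == "-j") t = $(++i)
                else other = 1
            }
            if (other || (p != "" && p != proto)) next
            if (d != "" && d != port) next
            if (t == "ACCEPT" || t == "DROP" || t == "REJECT") {
                printf "%s (rule %d)\n", t, n; found = 1; exit
            }
        }
        END { if (!found) printf "%s (policy)\n", policy }'
}

# Constructed ruleset: port 25 blocked, then "un-blocked" with -A (append).
APPENDED='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j DROP
-A INPUT -p udp -m udp --dport 25 -j DROP
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p udp -m udp --dport 25 -j ACCEPT'

# Constructed ruleset: same block, but the tcp ACCEPT added with -I (insert).
INSERTED='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j DROP
-A INPUT -p udp -m udp --dport 25 -j DROP'

printf 'appended: tcp/25 -> %s\n' "$(printf '%s\n' "$APPENDED" | first_verdict tcp 25)"
printf 'inserted: tcp/25 -> %s\n' "$(printf '%s\n' "$INSERTED" | first_verdict tcp 25)"
```

In the appended ruleset the ACCEPT rules are shadowed and tcp/25 stays dropped; in the inserted one tcp/25 is accepted while udp/25 is still dropped by rule 3.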
To save all rules so that they are not lost in case of a server reboot:
/etc/init.d/iptables save