Basic Rules and Commands for Iptables Firewall on Linux Virtual Machine

 

Iptables is a software firewall that is included by default with most Linux distributions. It is a command-line firewall utility that uses policy chains to permit or block traffic. When a connection tries to establish itself on the system, iptables looks for a rule in its list that matches it. If it does not find one, it falls back to the default action. The iptables application program is user-friendly and lets the system administrator configure the tables offered by the Linux kernel. Different kernel modules and programs are currently used for different protocols.

 
 

List of the basic Iptables Firewall commands:

To find the network interface run the below command:


#  ifconfig

 

Note: In the below-mentioned examples the network interface is eth0

 

Display the current list of the configured iptables rules:

 

#  iptables -L

 

To erase the currently configured iptables rules, use the flush command. It removes the rules only; the default policy of each chain stays as it was:

 

#  iptables -F

 

To block connections from a specific IP address, for example 1.2.3.4, run the command below:

 

#  iptables -A INPUT -s 1.2.3.4 -j DROP

 

To block SSH connections from a specific IP address, for example 1.2.3.4, run the first command below. The second command drops SSH connections from every source address:

 

#  iptables -A INPUT -p tcp --dport ssh -s 1.2.3.4 -j DROP

#  iptables -A INPUT -p tcp --dport ssh -j DROP

 

Permitting incoming SSH only from a specific network, for example allowing SSH connections from the 192.0.2.0/24 network (a placeholder documentation range; substitute your own network):

 

#  iptables -A INPUT -i eth0 -p tcp -s 192.0.2.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

#  iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

 


 

 

Iptables rules for ping:

 

Permitting Ping from outside to inside

 

#  iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT

#  iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT

 

Permitting Ping from Inside to Outside

 

#  iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT

#  iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

 

Permitting all the Incoming HTTP and HTTPS:

 

#  iptables -A INPUT -i eth0 -p tcp -m multiport --dports 80,443 -m state --state NEW,ESTABLISHED -j ACCEPT

#  iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 80,443 -m state --state ESTABLISHED -j ACCEPT

 

Permitting MySQL connections from a particular IP address (192.0.2.89 is a placeholder; substitute the client's address):

 

#  iptables -A INPUT -i eth0 -p tcp -s 192.0.2.89 --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT

#  iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT

 

Permitting the outbound DNS:

 

#  iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT

#  iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT

 

Saving of iptables Changes:

 

Changes made to the iptables rules are lost the next time the iptables service is restarted unless you run a command to save them. The command differs depending on the Linux distribution:

 

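For Ubuntu OS (iptables-save prints the rules to standard output, so redirect it to a file; /etc/iptables/rules.v4 is the file read at boot by the iptables-persistent package, which is assumed to be installed):

#  sudo sh -c '/sbin/iptables-save > /etc/iptables/rules.v4'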

For Red Hat / CentOS:

#  /sbin/service iptables save
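
The rules from the sections above can also be loaded in one step instead of being appended one at a time. The following is an added example, not part of the original article: it prints those rules (SSH on port 22, HTTP/HTTPS through the multiport match) in the file format that iptables-save produces, and refuses a malformed source network. The DROP default policies, the loopback rules, and the function names are assumptions made for illustration.

```shell
# Added example: print the article's rules as one iptables-restore file.
# Assumptions: default policy DROP, loopback allowed, caller-supplied interface/network.

# valid_cidr A.B.C.D/N : succeeds only for octets 0-255 and a prefix of 0-32
valid_cidr() {
    case "$1" in */*) addr=${1%/*}; bits=${1#*/} ;; *) return 1 ;; esac
    case "$addr" in ''|*[!0-9.]*) return 1 ;; esac
    case "$bits" in ''|*[!0-9]*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_ruleset IFACE SSH_NET : ruleset on stdout; fails on invalid arguments
build_ruleset() {
    iface=$1; ssh_net=$2
    case "$iface" in ''|*[!A-Za-z0-9._-]*) echo "invalid interface" >&2; return 1 ;; esac
    valid_cidr "$ssh_net" || { echo "invalid network: $ssh_net" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -i $iface -p tcp -s $ssh_net --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o $iface -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i $iface -p tcp -m multiport --dports 80,443 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o $iface -p tcp -m multiport --sports 80,443 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
-A OUTPUT -o $iface -p udp --dport 53 -j ACCEPT
-A INPUT -i $iface -p udp --sport 53 -j ACCEPT
COMMIT
EOF
}
```

To check the output without touching the running firewall, pipe it as root into `iptables-restore --test`, for example `build_ruleset eth0 192.0.2.0/24 | iptables-restore --test`.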

 

For more information on Iptables Firewall Rules and Commands contact our support team via live chat, email, ticket system, phone or toll-free no 1800-123-8642.