Basic Rules and Commands for Iptables Firewall on Linux Virtual Machine


Iptables is a software firewall that is included by default with most Linux distributions. It is a command-line firewall utility that uses policy chains to permit or block traffic. When a connection tries to establish itself on the system, iptables looks through its list of rules for one that matches. If it finds none, it falls back to the default action. The iptables program is user-friendly and lets the system administrator configure the tables offered by the Linux kernel. Different kernel modules and programs are currently used for different protocols.


List of the basic Iptables Firewall commands:

To find the network interface, run the following command:

#  ifconfig


Note: In the below-mentioned examples the network interface is eth0


Display the current list of the configured iptables rules:


#  iptables -L


To erase the currently configured iptables rules, use the flush command. Flushing removes the rules but leaves each chain's default policy unchanged:


#  iptables -F


To block all connections from a specific IP address, run the following command, replacing <ip-address> with the address to block:


#  iptables -A INPUT -s <ip-address> -j DROP


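To block SSH connections from a specific IP address, run the first command below, replacing <ip-address> with the address to block; the second command, which has no -s option, blocks SSH from every source:


#  iptables -A INPUT -p tcp --dport ssh -s <ip-address> -j DROP

#  iptables -A INPUT -p tcp --dport ssh -j DROP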


Permitting incoming SSH only from a specific network, for example allowing SSH connections from the 123.456.7.x network (a placeholder; replace it with your real network in CIDR form):


#  iptables -A INPUT -i eth0 -p tcp -s 123.456.7.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

#  iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
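
Because iptables stops at the first matching rule with a terminating target (ACCEPT or DROP) and -A appends to the end of the chain, an ACCEPT appended after the earlier SSH DROP rule is never reached. The script below is an added example, not part of the original article, that models this first-match evaluation for one chain in POSIX shell. The rule-list format, the function names and the 192.0.2.0/24 documentation network are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration: a toy model of one iptables chain, not iptables itself.
# Each rule line is "SRC PROTO DPORT TARGET"; "any" is a wildcard.
# Function bodies are subshells ( ... ), so their variables stay local.

ip2int() (                      # dotted quad -> 32-bit integer
  IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

in_cidr() (                     # in_cidr IP NET[/BITS]
  [ "$2" = any ] && exit 0
  case $2 in
    */*) net=${2%/*}; bits=${2#*/} ;;
    *)   net=$2; bits=32 ;;
  esac
  mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
  [ $(( $(ip2int "$1") & $mask )) -eq $(( $(ip2int "$net") & $mask )) ]
)

# verdict POLICY SRC PROTO DPORT  (rules on stdin, evaluated top to bottom)
verdict() (
  policy=$1; src=$2; proto=$3; dport=$4
  while read -r r_src r_proto r_dport r_target; do
    [ -n "$r_src" ] || continue
    in_cidr "$src" "$r_src" || continue
    [ "$r_proto" = any ] || [ "$r_proto" = "$proto" ] || continue
    [ "$r_dport" = any ] || [ "$r_dport" = "$dport" ] || continue
    echo "$r_target"            # first match decides; later rules are never read
    exit 0
  done
  echo "$policy"                # nothing matched: chain default policy
)

# Constructed rule lists (192.0.2.0/24 is a documentation network).
SHADOWED='any tcp 22 DROP
192.0.2.0/24 tcp 22 ACCEPT'
ORDERED='192.0.2.0/24 tcp 22 ACCEPT
any tcp 22 DROP'

printf '%s\n' "$SHADOWED" | verdict ACCEPT 192.0.2.10 tcp 22   # DROP
printf '%s\n' "$ORDERED"  | verdict ACCEPT 192.0.2.10 tcp 22   # ACCEPT
```

On a live chain, iptables -I INPUT inserts a rule at the top (or at a given position) instead of appending it, which is how an ACCEPT is placed ahead of an existing DROP.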





Iptables rules for ping:


Permitting ping from outside to inside:


#  iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT

#  iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT


Permitting ping from inside to outside:


#  iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT

#  iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT


Permitting all incoming HTTP and HTTPS (a comma-separated port list requires the multiport match):


#  iptables -A INPUT -i eth0 -p tcp -m multiport --dports 80,443 -m state --state NEW,ESTABLISHED -j ACCEPT

#  iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 80,443 -m state --state ESTABLISHED -j ACCEPT


Permitting MySQL connections from a particular IP address (123.456.7.89 is a placeholder; replace it with the real client address):


#  iptables -A INPUT -i eth0 -p tcp -s 123.456.7.89 --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT

#  iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT


Permitting outbound DNS:


#  iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT

#  iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT


Saving iptables changes:


Changes made to the iptables rules are lost the next time the iptables service restarts unless you run a command to save them. The command differs depending on the Linux distribution:


For Ubuntu OS (iptables-save only prints the rules, so redirect them to the file that the iptables-persistent package restores at boot):

#  sudo sh -c '/sbin/iptables-save > /etc/iptables/rules.v4'

For Red Hat / CentOS:

#  /sbin/service iptables save

