snippets > basic-survival-guide-commands-iptables

July 02, 2022

Basic survival guide and commands for iptables

iptables is a Linux firewall tool that manages packet routing and can block or allow traffic based on rules like a packet’s origin or destination.

Its settings are organized in tables which contain sets of rules, called chains, that will filter data packets.

# Check current configuration
iptables -L -v

# Accept all requests from an IP
iptables -A INPUT -s <ip> -j ACCEPT

# Drop all requests from an IP
iptables -A INPUT -s <ip> -j DROP

# Drop all requests from a range of IPs
iptables -A INPUT -m iprange --src-range <ip_range_start>-<ip_range_end> -j DROP

# Drop all traffic (must be run after acceptance rules)
iptables -A INPUT -j DROP

# Delete all current rules
iptables -F

# Persist changes to disk
/sbin/iptables-save
# Depending on your setup, you may need to run another command instead
netfilter-persistent save