Main Site   Dedicated Servers   VPS Servers   Shared Hosting   Security   Email Solutions   Server Backup

  Categories

Accounts & Billing
3
Cloud Backup
6
Dedicated Servers/VPS
64
Developers Corner
9
DNS Service
8
Domain Name
4
Mail Services
59
Network & Security
8
Search Engine Optimisation
6
Security and Performance
7
Web Hosting
27
Web Hosting Glossary
1

  Categories

  Tag Cloud

.pst 2F-Authentication 2FA A record aaPanel Access Denied ACH aconis acronis activation agent anacron anacrontab and run-parts all have excellent information and descriptions of android Antivirus Apache Kafka installation app password App Passwords Apple Mail attack automation Backend backup Bandwidth Monitoring Linux basic bcc because it does not exist or you do not have permission. bind bitcoin book booking Bootstrap Brute Force Cache Calendar CentOS CentOS OpenVPN centos8 cheat sheet Check Bandwidth Linux Check CPU Temperature China ClamAV cleanup clear DNS cache CLI cloud backup Cloud Hosting CNAME command Command Line command line interface command-line commands Common Attacks common terms compression Configure Network Settings configure Nginx Configure SSL Linux contacts copy files copy remote CPU Monitoring Create Virtual Machine credit card cron crontab Crypto csr CSS Custom Plugins cyber protect data backup data consistency data modeling data security Database database migration database performance ddos Debian debit card dedicated server Deployment development device DHCP dig command Direct deposit Disk Partitioning Django DKIM DNS DNS lookup DNS Lookup Command DNS Lookup Command - Troubleshoot Network Issues - NSLookup DNS lookup tools DNS records DNS refresh dns server dns settings DNS troubleshooting Docker domain Domain EPP Code domain name Domain Security Domain Transfer e-commerce easy egopay email backup email client EPP Code Importance error Europe Examples FAQ Fedora Fedora on WSL2 file transfer files flush DNS cache forwarding rule Free SSL Linux Free SSL Windows Frontend FTP G apps generator git github glossary Gmail Goods and Services Tax google google 2SV Google Admin console Google apps google workspace groups GST compliance gzip Heroku hosted email hosted mail hosting control panel hotmail HSN htaccess htaccess file HTML HTTPS Nginx iis iis 8 iis10 iis7 iis8 imap IMAP Folders IMAP Migration imap4 Incoming Filtering service indexing India GST InnoDB Input tax credit Install Control Panel Install KVM install Nginx Install OpenVPN Install SSL LetsEncrypt Install SSL Nginx Installing Agents ios ip block ip filter ipad iphone iptables commands iptables tutorial ipv4 JAPC java JavaScript Kafka on Docker Kafka on Kubernetes Kafka setup Kali Linux on WSL2 keystore Kubernetes KVM Installation KVM Setup Latest less secure apps LetsEncrypt Installation Linux Linux backup tool Linux Commands Linux DNS flush Linux firewall Linux flavors Linux network commands Linux Network Tools Linux Networking Linux on Windows Linux server Linux server administration Linux SSL Setup Linux VPN Guide live login 'sa' mac macOS DNS flush mail mail client Malware Malware Detection Manage Partitions management server managment map maria db MariaDB microsoft 365 Microsoft Office Outlook 2010 Microsoft Outlook Express Microsoft SQL Server instance migrate WordPress site migration MongoDB Mount Disk mount remote file system move files Mozilla Thunderbird msn MX MX records MX Records Settings my.cnf MyISAM myself mysql nano NEFT netmask Network Bandwidth Usage Network Configuration Network Interface Naming network management Network Scanning network troubleshooting networking nginx Nginx commands Nginx setup NodeJS NoSQL NPM NPX NS NSLookup Examples macOS OAuth okpay Open Ports Open Source OpenVPN Configuration OpenVPN Linux Optimization order outlook OX App Suite passkeys passwords payment gateways payment methods payment options paymentwall paypal payza Penetration Testing Percona perfect money performance PHP phpMyAdmin plesk plesk control panel plugin Plugin Development Plugins pop pop3 Port Scanning PostgreSQL Python qmail query DNS commands query optimization recovering register relay mail remote file systems renewal Request SSL Certificate reset a password for the 'sa' user Responsive Design restore reverse proxy RHEL RHEL OpenVPN rsync run-parts sa password scheduled task scp screen Secure copy Secure File Transfer security Security Auditing security' sending email SEO server server administration Server Health server security setting settings SFTP shared mailbox shipping choices Shortcode Shortcodes slave SMTP South Asia spam spam filter speed SPF SPF Records settings SQL SSHFS SSHFS examples SSHFS installation ssl SSL Certificate Nginx SSL Configuration Linux SSL on CentOS SSL on Ubuntu Static IP step by step System Performance Systron.net Systron.net hosting TCP terminal terminalogy text editor Theme Development Thunderbird tls tomcat Trace Network Routes macOS Terminal Traceroute Command Usage transfer Troubleshoot Network Issues two factor two-factor authentication Ubuntu Ubuntu on WSL2 UDP UPI US user experience Validate Network Virtualization Virtualmin VM containers VPN Setup VPS Vulnerabilities Vulnerability Assessment Web Development web hosting web hosting GST web server setup webmail Webmin website migration guide website not found Website Protection windows Windows - Traceroute Command Usage - Trace Network Routes ma Windows DNS flush windows live mail windows server Windows Subsystem for Linux 2 wire transfer WooCommerce WordPress wordpress automation wordpress cli wordpress command line interface wordpress development wordpress management WordPress migration WordPress migration tutorial WordPress to Systron.net WordPress, React, headless, theme development, API, GraphQL, RES WSL2 WSL2 examples zoho

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket

Complete iptables Tutorial for Server Admins Print

  • iptables tutorial, Linux server administration, server security, iptables commands, Linux firewall
  • 324

Introduction

iptables is a powerful firewall tool for Linux systems, allowing server administrators to configure network traffic rules and enhance security. This guide covers essential commands, configuration techniques, troubleshooting, and best practices for managing iptables on Linux servers.

Prerequisites

  • A Linux server with administrative (root) access or sudo privileges.
  • Basic knowledge of networking concepts and Linux commands.
  • iptables installed on the server.

Installing iptables

iptables is usually pre-installed on most Linux distributions. To ensure it is installed, use the following commands:

# For RHEL/CentOS
sudo yum install iptables-services -y

# For Ubuntu/Debian
sudo apt install iptables -y

Basic iptables Commands

1. View Current Rules

sudo iptables -L -v -n

2. Add a Rule

Example: Allow incoming SSH traffic on port 22.

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

3. Delete a Rule

Example: Remove the rule allowing SSH traffic.

sudo iptables -D INPUT -p tcp --dport 22 -j ACCEPT

4. Save Rules

To persist rules across reboots:

# For RHEL/CentOS
sudo service iptables save

# For Ubuntu/Debian
sudo iptables-save > /etc/iptables/rules.v4

Advanced Configuration

1. Block Specific IP Address

Block all traffic from a specific IP address (e.g., 192.168.1.100):

sudo iptables -A INPUT -s 192.168.1.100 -j DROP

2. Allow Specific IP Address

Allow all traffic from a specific IP address:

sudo iptables -A INPUT -s 192.168.1.200 -j ACCEPT

3. Limit Connection Rate

Limit the number of connections to prevent DoS attacks:

sudo iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT

Troubleshooting

  • Rules Not Persisting: Ensure rules are saved using the appropriate commands for your distribution.
  • Unexpected Traffic Behavior: Check rule order; iptables processes rules sequentially.
  • Blocked Access: Use sudo iptables -F to flush all rules temporarily.

Best Practices

  • Always test new rules to ensure they do not block legitimate traffic.
  • Backup existing iptables rules before making changes.
  • Use logging to monitor traffic and identify potential security issues.

Conclusion

iptables is an essential tool for Linux server administrators to secure and manage network traffic effectively. By understanding its commands and best practices, you can enhance your server's security and performance.

Was this answer helpful?

Related Articles

How to Configure Network Settings on CentOS and Other Linux Flavors? Introduction Configuring network settings is an essential task for managing Linux systems.... How to Install OpenVPN on RHEL/CentOS and Other Linux Flavors? Introduction OpenVPN is a robust and highly configurable VPN solution used for secure... How to Check Network Bandwidth Usage in Linux? Introduction Monitoring network bandwidth usage is crucial for identifying bottlenecks,... dig Command in Linux with Examples Introduction The dig (Domain Information Groper) command is a flexible and powerful DNS lookup... How to Use Nmap to Scan for Open Ports? Introduction Nmap (Network Mapper) is a powerful open-source utility for network exploration and...
« Back

  Tag Cloud

.pst 2F-Authentication 2FA A record aaPanel Access Denied ACH aconis acronis activation agent anacron anacrontab and run-parts all have excellent information and descriptions of android Antivirus Apache Kafka installation app password App Passwords Apple Mail attack automation Backend backup Bandwidth Monitoring Linux basic bcc because it does not exist or you do not have permission. bind bitcoin book booking Bootstrap Brute Force Cache Calendar CentOS CentOS OpenVPN centos8 cheat sheet Check Bandwidth Linux Check CPU Temperature China ClamAV cleanup clear DNS cache CLI cloud backup Cloud Hosting CNAME command Command Line command line interface command-line commands Common Attacks common terms compression Configure Network Settings configure Nginx Configure SSL Linux contacts copy files copy remote CPU Monitoring Create Virtual Machine credit card cron crontab Crypto csr CSS Custom Plugins cyber protect data backup data consistency data modeling data security Database database migration database performance ddos Debian debit card dedicated server Deployment development device DHCP dig command Direct deposit Disk Partitioning Django DKIM DNS DNS lookup DNS Lookup Command DNS Lookup Command - Troubleshoot Network Issues - NSLookup DNS lookup tools DNS records DNS refresh dns server dns settings DNS troubleshooting Docker domain Domain EPP Code domain name Domain Security Domain Transfer e-commerce easy egopay email backup email client EPP Code Importance error Europe Examples FAQ Fedora Fedora on WSL2 file transfer files flush DNS cache forwarding rule Free SSL Linux Free SSL Windows Frontend FTP G apps generator git github glossary Gmail Goods and Services Tax google google 2SV Google Admin console Google apps google workspace groups GST compliance gzip Heroku hosted email hosted mail hosting control panel hotmail HSN htaccess htaccess file HTML HTTPS Nginx iis iis 8 iis10 iis7 iis8 imap IMAP Folders IMAP Migration imap4 Incoming Filtering service indexing India GST InnoDB Input tax credit Install Control Panel Install KVM install Nginx Install OpenVPN Install SSL LetsEncrypt Install SSL Nginx Installing Agents ios ip block ip filter ipad iphone iptables commands iptables tutorial ipv4 JAPC java JavaScript Kafka on Docker Kafka on Kubernetes Kafka setup Kali Linux on WSL2 keystore Kubernetes KVM Installation KVM Setup Latest less secure apps LetsEncrypt Installation Linux Linux backup tool Linux Commands Linux DNS flush Linux firewall Linux flavors Linux network commands Linux Network Tools Linux Networking Linux on Windows Linux server Linux server administration Linux SSL Setup Linux VPN Guide live login 'sa' mac macOS DNS flush mail mail client Malware Malware Detection Manage Partitions management server managment map maria db MariaDB microsoft 365 Microsoft Office Outlook 2010 Microsoft Outlook Express Microsoft SQL Server instance migrate WordPress site migration MongoDB Mount Disk mount remote file system move files Mozilla Thunderbird msn MX MX records MX Records Settings my.cnf MyISAM myself mysql nano NEFT netmask Network Bandwidth Usage Network Configuration Network Interface Naming network management Network Scanning network troubleshooting networking nginx Nginx commands Nginx setup NodeJS NoSQL NPM NPX NS NSLookup Examples macOS OAuth okpay Open Ports Open Source OpenVPN Configuration OpenVPN Linux Optimization order outlook OX App Suite passkeys passwords payment gateways payment methods payment options paymentwall paypal payza Penetration Testing Percona perfect money performance PHP phpMyAdmin plesk plesk control panel plugin Plugin Development Plugins pop pop3 Port Scanning PostgreSQL Python qmail query DNS commands query optimization recovering register relay mail remote file systems renewal Request SSL Certificate reset a password for the 'sa' user Responsive Design restore reverse proxy RHEL RHEL OpenVPN rsync run-parts sa password scheduled task scp screen Secure copy Secure File Transfer security Security Auditing security' sending email SEO server server administration Server Health server security setting settings SFTP shared mailbox shipping choices Shortcode Shortcodes slave SMTP South Asia spam spam filter speed SPF SPF Records settings SQL SSHFS SSHFS examples SSHFS installation ssl SSL Certificate Nginx SSL Configuration Linux SSL on CentOS SSL on Ubuntu Static IP step by step System Performance Systron.net Systron.net hosting TCP terminal terminalogy text editor Theme Development Thunderbird tls tomcat Trace Network Routes macOS Terminal Traceroute Command Usage transfer Troubleshoot Network Issues two factor two-factor authentication Ubuntu Ubuntu on WSL2 UDP UPI US user experience Validate Network Virtualization Virtualmin VM containers VPN Setup VPS Vulnerabilities Vulnerability Assessment Web Development web hosting web hosting GST web server setup webmail Webmin website migration guide website not found Website Protection windows Windows - Traceroute Command Usage - Trace Network Routes ma Windows DNS flush windows live mail windows server Windows Subsystem for Linux 2 wire transfer WooCommerce WordPress wordpress automation wordpress cli wordpress command line interface wordpress development wordpress management WordPress migration WordPress migration tutorial WordPress to Systron.net WordPress, React, headless, theme development, API, GraphQL, RES WSL2 WSL2 examples zoho

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket