How To Use Iptables Rules For Linux
Q. What is iptables?
-- It is the basic firewall for Linux. iptables is a rule-based firewall that is normally pre-installed on Linux and other Unix-like systems and controls the incoming and outgoing packets. By default iptables runs without any rules; we can create, add and edit rules in it.
Rule: 1. Block Specific IP Address in IPtables Firewall :
# iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP
Note: In case you only want to block TCP traffic from that IP address:
# iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -j DROP
Rule: 2. Unblock IP Address in IPtables Firewall :
# iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP
Rule: 3. Block Outgoing Traffic to a Specific Port on IPtables Firewall :
# iptables -A OUTPUT -p tcp --dport xxx -j DROP
Rule: 4. Allow Incoming Connections on a Specific Port :
# iptables -A INPUT -p tcp --dport xxx -j ACCEPT
Rule: 5. Allow Multiple Ports on IPtables using Multiport :
# iptables -A INPUT -p tcp -m multiport --dports 22,80,443 -j ACCEPT
# iptables -A OUTPUT -p tcp -m multiport --sports 22,80,443 -j ACCEPT
Rule: 6. Allow Specific Network Range on Particular Port on IPtables :
# iptables -A OUTPUT -p tcp -d 192.168.100.0/24 --dport 22 -j ACCEPT
Rule: 7. Block Facebook on IPtables Firewall :
# host facebook.com
facebook.com has address 66.220.156.68
# whois 66.220.156.68 | grep CIDR
CIDR: 66.220.144.0/20
# iptables -A OUTPUT -p tcp -d 66.220.144.0/20 -j DROP
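The host/whois/grep steps above are done by hand for one address block. The script below is an added example, not code from the original post: it parses whois output (ARIN-style "CIDR:" lines, which can list several blocks separated by commas, and RIPE/APNIC-style "route:" lines) and prints one OUTPUT DROP rule per block instead of running anything. The whois excerpt embedded in it is constructed for the demo and is not real registry data.

```shell
#!/bin/sh
# Added example: extract every CIDR block from whois output and emit the
# matching OUTPUT DROP rules. Nothing here touches the kernel; the printed
# commands can be reviewed and then piped to sh.

# Read whois text on stdin, print one CIDR per line, deduplicated.
# "CIDR:" lines may carry a comma-separated list; "route:" lines carry one.
cidrs_from_whois() {
    sed -n -E 's/^[[:space:]]*(CIDR|route):[[:space:]]*//p' \
    | tr ',' '\n' \
    | tr -d ' \t' \
    | grep -E '^[0-9]+(\.[0-9]+){3}/[0-9]+$' \
    | sort -u
}

# Print (do not run) an iptables command per block, in the post's form.
block_rules_for() {            # usage: block_rules_for < whois_output
    cidrs_from_whois | while read -r cidr; do
        printf 'iptables -A OUTPUT -p tcp -d %s -j DROP\n' "$cidr"
    done
}

# Constructed whois excerpt for the demo (not real registry output).
SAMPLE_WHOIS='NetName:        EXAMPLE-NET
CIDR:           66.220.144.0/20, 203.0.113.0/24
route:          198.51.100.0/24
Comment:        not a CIDR: 1.2.3.4'

# Demo entry point: print the rules for the sample text.
demo() {
    printf '%s\n' "$SAMPLE_WHOIS" | block_rules_for
}
```

Run it as `whois 66.220.156.68 | sh -c '. ./script.sh; block_rules_for'` to see the rules for a live lookup, or `demo` for the constructed sample; only the "Comment:" line with a bare address is ignored, because the pattern is anchored to a "CIDR:" or "route:" field.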
Rule: 8. Setup Port Forwarding in IPtables :
# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j REDIRECT --to-port 2525
Rule: 9. Block Network Flood on Apache Port with IPtables :
# iptables -A INPUT -p tcp --dport 80 -m limit --limit 100/minute --limit-burst 200 -j ACCEPT
Note: the limit match only ACCEPTs packets while they stay under the rate; packets above it simply fall through to the next rule, so a DROP rule for port 80 placed right after this one (or a default DROP policy on INPUT) is what actually blocks the flood.
Rule: 10. Block Incoming Ping Requests on IPtables :
# iptables -A INPUT -p icmp -i eth0 -j DROP
Rule: 11. Allow loopback (127.0.0.1) Access :
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A OUTPUT -o lo -j ACCEPT
Rule: 12. Block Access to Specific MAC Address on IPtables :
# iptables -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j DROP
Rule: 13. Limit the Number of Concurrent Connections per IP Address :
# iptables -A INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 3 -j REJECT
Rule: 14. Setup IPtables Rules for PCI Compliance :
# iptables -I INPUT -d SITE -p tcp -m multiport --dports 21,25,110,143,465,587,993,995 -j DROP
If you use cPanel or a similar control panel, you may need to block its ports as well. Here is an example:
# iptables -I in_sg -d DEDI_IP -p tcp -m multiport --dports 2082,2083,2095,2096,2525,2086,2087 -j DROP
Rule: 15. Block Connection on Network Interface :
# iptables -A INPUT -i eth0 -s xxx.xxx.xxx.xxx -j DROP
Rule: 16. Disable Outgoing Mails through IPTables :
# iptables -A OUTPUT -p tcp -m multiport --dports 25,465,587 -j REJECT
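The rules above are shown one at a time, but on a real host they interact: iptables stops at the first matching rule, so order decides whether a rule ever fires. The script below is an added example, not code from the original post: it combines several of the rules (loopback, interface block, ping drop, SSH connlimit, the port 80 rate limit with its DROP, multiport, and the outbound mail REJECT) into one ruleset in iptables-restore format so it is applied atomically. The interface name, blocked address and port list are assumptions for illustration, and the ESTABLISHED,RELATED conntrack rule is an addition not in the post.

```shell
#!/bin/sh
# Added example: build a complete INPUT/OUTPUT ruleset from the post's
# individual rules, check it, and optionally apply it with iptables-restore.

IFACE="${IFACE:-eth0}"                   # assumed WAN interface
BLOCKED_IP="${BLOCKED_IP:-203.0.113.7}"  # constructed example address
ADMIN_PORT=22

# Print the ruleset. Comment lines are ignored by iptables-restore.
# Order matters: loopback and established traffic first, the rate-limit
# ACCEPT for port 80 immediately followed by its DROP, and the chain
# policy DROP catches everything not explicitly allowed.
build_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# rule 11: loopback
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# replies to connections this host started (conntrack; not in the post)
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# rule 15: drop one address on the WAN interface
-A INPUT -i $IFACE -s $BLOCKED_IP -j DROP
# rule 10: no inbound ping on the WAN interface
-A INPUT -p icmp -i $IFACE -j DROP
# rule 13: at most 3 concurrent SSH connections per source address
-A INPUT -p tcp --syn --dport $ADMIN_PORT -m connlimit --connlimit-above 3 -j REJECT
-A INPUT -p tcp --dport $ADMIN_PORT -j ACCEPT
# rule 9: limit only ACCEPTs under the rate; the DROP after it stops the flood
-A INPUT -p tcp --dport 80 -m limit --limit 100/minute --limit-burst 200 -j ACCEPT
-A INPUT -p tcp --dport 80 -j DROP
# rule 5: remaining services via multiport
-A INPUT -p tcp -m multiport --dports 443 -j ACCEPT
# rule 16: no outbound mail from this host
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -j REJECT
COMMIT
EOF
}

# Sanity-check the generated text without touching the kernel.
check_rules() {
    rules=$(build_rules)
    # the port 80 rate limit must be backed by a DROP
    printf '%s\n' "$rules" | grep -q -- '--dport 80 -j DROP' || return 1
    # any --dports list must carry the -m multiport match
    if printf '%s\n' "$rules" | grep -v multiport | grep -q -- '--dports'; then
        return 1
    fi
    # table must be closed
    printf '%s\n' "$rules" | tail -n 1 | grep -q '^COMMIT$' || return 1
    return 0
}

# Apply atomically (needs root). --test parses the ruleset first so a
# syntax error leaves the running firewall untouched.
apply_rules() {
    build_rules | iptables-restore --test && build_rules | iptables-restore
}

case "${1:-}" in
    apply) check_rules && apply_rules ;;
    *)     build_rules ;;   # default: print the ruleset for review
esac
```

Run the script with no arguments to print the ruleset, and with `apply` as root to load it. Because the conntrack rule sits before the port 80 limit, only new connections are counted against the 100/minute rate; packets of already accepted connections never reach it.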
Thanks for visiting my blog; for more tutorials, keep visiting.