
iptables

Linux Firewall Management

What Does It Do?

The iptables command is a powerful firewall utility that allows system administrators to configure rules for filtering network packets in Linux, controlling which traffic is allowed or blocked.

Think of iptables like a security checkpoint at a building entrance. Just as guards check IDs and decide who can enter or leave, iptables examines network packets and decides whether to accept, drop, or reject them based on rules you define. IT professionals use it to block malicious traffic, allow specific services (like SSH or web servers), protect servers from attacks, control outbound connections, and create secure network policies.


When Should I Use It?

Secure Your Server

Block unauthorized access and protect against network attacks.

Control Network Services

Allow only specific ports and services (SSH, HTTP, HTTPS) to be accessible.

Block Malicious IPs

Prevent known attackers or suspicious IP addresses from reaching your system.

Set Default Policies

Define what happens to traffic that doesn't match any specific rule.

Common Commands

sudo iptables -L

List the rules in every chain of the default filter table (INPUT, OUTPUT, FORWARD).

sudo iptables -L -n -v

List rules with verbose output and numeric IP addresses (no DNS lookups).

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Allow incoming TCP connections to port 22 (SSH) by appending a rule to the end of the INPUT chain.

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Allow HTTP traffic on port 80 for web servers.

sudo iptables -A INPUT -s 192.168.1.100 -j DROP

Block all traffic from a specific IP address (192.168.1.100).

sudo iptables -D INPUT 1

Delete the first rule from the INPUT chain (rules are numbered starting at 1).

sudo iptables -F

Flush (delete) every rule in every chain of the filter table. Default policies are not reset, so with a DROP policy in place this leaves all traffic blocked. WARNING: Use with caution!

sudo iptables -P INPUT DROP

Set default policy for INPUT chain to DROP (deny all traffic not explicitly allowed).

CRITICAL FIREWALL WARNING

You can lock yourself out! Setting iptables -P INPUT DROP before allowing SSH drops your own connection and locks you out of a remote server.

Always allow SSH BEFORE setting DROP policy! Use sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT first.

Test rules before making them permanent: iptables rules are lost on reboot unless you save them with iptables-save and load the saved file at boot with iptables-restore. Test thoroughly before persisting rules.
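The script below is an added example, not code from this page or from the iptables project. It applies the common commands above in a lockout-safe order (existing connections and loopback first, the service allows next, the DROP policy last), saves the result the way the warning describes, and adds a rollback timer so a mistake on a remote host undoes itself. It assumes the Debian/Ubuntu iptables-persistent path /etc/iptables/rules.v4, reuses the page's example address 192.168.1.100, and the pid file /tmp/iptables-rollback.pid is an arbitrary choice.

```shell
#!/bin/sh
# Added example: apply the page's rules in a lockout-safe order.
# Run as root. With DRY_RUN=1 every iptables call is printed instead of
# executed, so the order can be reviewed before it touches the kernel.

IPT="iptables"

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$IPT $*"
    else
        "$IPT" "$@"
    fi
}

baseline_rules() {
    # Policy back to ACCEPT before flushing: flushing while the policy is
    # DROP would block everything, including the session running this script.
    run -P INPUT ACCEPT
    run -F INPUT
    # Loopback must always pass; local services talk to 127.0.0.1.
    run -A INPUT -i lo -j ACCEPT
    # Keep packets of existing connections flowing, so the SSH session that
    # runs this script survives the policy switch at the end.
    run -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Block the unwanted address before the service allows, so it cannot
    # reach SSH or HTTP either (192.168.1.100 is the page's example address).
    run -A INPUT -s 192.168.1.100 -j DROP
    # Services this host offers: SSH, HTTP, HTTPS.
    run -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
    run -A INPUT -p tcp --dport 80 -j ACCEPT
    run -A INPUT -p tcp --dport 443 -j ACCEPT
    # Log what is about to be dropped (rate-limited), so the counters from
    # 'iptables -L -n -v' and the kernel log show what the policy rejects.
    run -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: "
    # Only now, with the allows in place, switch the defaults to DROP.
    run -P INPUT DROP
    run -P FORWARD DROP
}

persist_rules() {
    # iptables-save only prints the ruleset; it persists when the output is
    # written to a file that iptables-restore loads at boot. The path below is
    # the one the Debian/Ubuntu iptables-persistent package reads (assumption:
    # adjust for your distribution).
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "iptables-save > /etc/iptables/rules.v4"
    else
        iptables-save > /etc/iptables/rules.v4
    fi
}

apply_with_rollback() {
    # Safety net for remote hosts: snapshot the live ruleset, apply the new
    # one, and restore the snapshot after $1 seconds unless the timer is
    # killed. If the new rules cut off SSH, the host recovers on its own.
    secs="${1:-120}"
    backup=$(mktemp)
    iptables-save > "$backup"
    baseline_rules
    ( sleep "$secs" && iptables-restore < "$backup" ) &
    echo "$!" > /tmp/iptables-rollback.pid
    echo "Rollback in ${secs}s. If you are still connected, keep the new rules"
    echo "and save them with: $0 persist"
}

case "${1:-}" in
    dry-run) DRY_RUN=1 baseline_rules; DRY_RUN=1 persist_rules ;;
    apply)   apply_with_rollback "${2:-120}" ;;
    persist) kill "$(cat /tmp/iptables-rollback.pid)" 2>/dev/null; persist_rules ;;
esac
```

Usage: run the script with dry-run first and read the printed sequence, then apply (optionally with a timeout in seconds) from your SSH session; if the session stays up, run persist within the timeout to cancel the rollback and write the ruleset to disk. The LOG rule sits just before the policy switch so that anything the DROP policy discards shows up in the kernel log with the iptables-drop: prefix, which is the quickest way to confirm a new rule blocks what you expect and nothing more.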
