Iptables: Difference between revisions

From Dave-Wiki
Jump to navigation Jump to search
(Created page with "===Show rules, with line numbers and don't resolve IP's=== iptables -nL --line-numbers ===Delete a line, e.g. 35=== iptables -D INPUT 35 ===Append Rule=== Allow single port from a network iptables -A INPUT -s [src-ip/sm] -p tcp -m tcp --dport [dest-port] -m conntrack --ctstate NEW -m comment --comment "[comment]" -j ACCEPT Allow multi ports from a network iptables -A INPUT -s [src-ip/sm] -p tcp -m multiport --dports [dest-port1],[dest-port2] -m conntrack --cts...")
 
Line 2: Line 2:
   iptables -nL --line-numbers
   iptables -nL --line-numbers


===Delete a line, e.g. 35===
===Delete a line===
e.g., line #35
   iptables -D INPUT 35
   iptables -D INPUT 35


Revision as of 02:11, 13 February 2024

Show rules, with line numbers and don't resolve IP's

 iptables -nL --line-numbers

Delete a line

e.g., line #35 

 iptables -D INPUT 35

Append Rule

Allow single port from a network 

 iptables -A INPUT -s [src-ip/sm] -p tcp -m tcp --dport [dest-port] -m conntrack --ctstate NEW -m comment --comment "[comment]" -j ACCEPT

Allow multi ports from a network 

 iptables -A INPUT -s [src-ip/sm] -p tcp -m multiport --dports [dest-port1],[dest-port2] -m conntrack --ctstate NEW -m comment --comment "[comment]" -j ACCEPT

Insert Rule

Before specific line number 

 iptables -I INPUT [line#] -s [src-ip/sm] -p tcp -m tcp --dport [dest-port] -m conntrack --ctstate NEW -m comment --comment "[comment]" -j ACCEPT

Save iptables

(Make changes persistent - otherwise you'll lose them at next reboot.) 

 iptables-save > /etc/sysconfig/iptables
Retrieved from "https://davehome.net/wiki/index.php?title=Iptables&oldid=183"