Iptables

From Dave-Wiki
Revision as of 02:11, 13 February 2024 by Dave

Show rules, with line numbers, and don't resolve IPs

 iptables -nL --line-numbers

Delete a rule by its line number, e.g. line 35 of INPUT

 iptables -D INPUT 35

Append Rule

Allow single port from a network

 iptables -A INPUT -s [src-ip/sm] -p tcp -m tcp --dport [dest-port] -m conntrack --ctstate NEW -m comment --comment "[comment]" -j ACCEPT

Allow multiple ports from a network

 iptables -A INPUT -s [src-ip/sm] -p tcp -m multiport --dports [dest-port1],[dest-port2] -m conntrack --ctstate NEW -m comment --comment "[comment]" -j ACCEPT

Insert Rule

Before a specific line number

 iptables -I INPUT [line#] -s [src-ip/sm] -p tcp -m tcp --dport [dest-port] -m conntrack --ctstate NEW -m comment --comment "[comment]" -j ACCEPT

Save iptables

(Make changes persistent; otherwise you'll lose them at the next reboot.)

 iptables-save > /etc/sysconfig/iptables
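The following is an added example, not part of the original wiki page: instead of appending the "Allow single port" and "Allow multiple ports" rules one `iptables -A` at a time and then running `iptables-save`, it generates the same rules directly in `iptables-restore` format from a small allow-list, with a default-deny INPUT policy and the loopback/ESTABLISHED,RELATED rules that such a chain needs in front of them. The networks, ports and comments in `ALLOW_LIST` are constructed sample values, and the function names are the example's own.

```shell
#!/bin/sh
# Added example (not the wiki's own commands): build an iptables-restore file
# for the INPUT chain from an allow-list. Nothing here touches the live
# firewall; the output is meant for: build_ruleset > /etc/sysconfig/iptables
# followed by: iptables-restore < /etc/sysconfig/iptables

# Constructed allow-list, one entry per line:
#   <src-network> <tcp port or comma-separated ports> <comment>
ALLOW_LIST='10.0.0.0/24 22 ssh-from-mgmt
192.168.1.0/24 80,443 web-from-lan'

# Emit one ACCEPT rule. A single port uses "-m tcp --dport", several ports use
# "-m multiport --dports", matching the two "Append Rule" forms on the page.
emit_rule() {
  src=$1; ports=$2; comment=$3
  case $ports in
    *,*) match="-m multiport --dports $ports" ;;
    *)   match="-m tcp --dport $ports" ;;
  esac
  printf '%s\n' "-A INPUT -s $src -p tcp $match -m conntrack --ctstate NEW -m comment --comment \"$comment\" -j ACCEPT"
}

# Print a complete filter table in iptables-restore syntax.
build_ruleset() {
  printf '%s\n' '*filter'
  # Default-deny inbound and forwarded traffic; allow outbound.
  printf '%s\n' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]'
  # Loopback and replies to established flows must come before the allow-list,
  # otherwise the NEW-only rules below would never see return traffic.
  printf '%s\n' '-A INPUT -i lo -j ACCEPT'
  printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
  printf '%s\n' '-A INPUT -m conntrack --ctstate INVALID -j DROP'
  printf '%s\n' "$ALLOW_LIST" | while read -r src ports comment; do
    if [ -n "$src" ]; then
      emit_rule "$src" "$ports" "$comment"
    fi
  done
  printf '%s\n' 'COMMIT'
}

# Sanity check: number of allow-list rules actually generated.
count_allow_rules() {
  build_ruleset | grep -c -- '--ctstate NEW'
}

build_ruleset
```

Generating the whole ruleset in a file and loading it atomically with `iptables-restore` also sidesteps the main pitfall of the `-D INPUT [line#]` / `-I INPUT [line#]` commands above: every delete or insert renumbers the rules after it, so always re-run `iptables -nL --line-numbers` before the next line-number-based change, and when deleting several rules delete from the highest number down. The `/etc/sysconfig/iptables` path is the RHEL/CentOS convention used on this page; Debian-based systems with `netfilter-persistent` read `/etc/iptables/rules.v4` instead.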