iptables
Introduction
This cheat sheet provides a quick reference for some common iptables commands and concepts. iptables is a command-line utility used to configure and manage firewall rules on Linux-based systems.
iptables Concepts
Firewall Rules
iptables uses rules to control incoming and outgoing network traffic.
- List all firewall rules:
iptables -L
Rule Chains
iptables has predefined rule chains for different purposes, such as INPUT, OUTPUT, and FORWARD.
- List rules in the INPUT chain:
iptables -L INPUT
- List rules in the OUTPUT chain:
iptables -L OUTPUT
- List rules in the FORWARD chain:
iptables -L FORWARD
Rule Actions
Rules can have actions (targets) like ACCEPT, DROP, and REJECT. Rules in a chain are evaluated in order and the first match decides, so a rule without a match condition, like the ones below, applies to all traffic and is normally appended last, after the more specific rules.
- Allow incoming traffic (ACCEPT):
iptables -A INPUT -j ACCEPT
- Drop incoming traffic silently (DROP):
iptables -A INPUT -j DROP
- Reject incoming traffic with an error response (REJECT):
iptables -A INPUT -j REJECT
Source and Destination
You can specify source and destination IP addresses.
- Allow traffic from a specific IP address:
iptables -A INPUT -s source_ip -j ACCEPT
- Allow traffic to a specific IP address and port:
iptables -A INPUT -d destination_ip -p tcp --dport port_number -j ACCEPT
Stateful Filtering
iptables can perform stateful packet inspection using the connection tracking table. The state match below is the older spelling; -m conntrack --ctstate ESTABLISHED,RELATED is the current equivalent. This rule is usually placed near the top of the INPUT chain so that replies to connections the host opened are accepted before any DROP or REJECT rules are reached.
- Allow established connections:
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Port Forwarding
iptables can forward traffic from one port to another. The REDIRECT target rewrites the destination to a port on the local host in the nat table; because this happens before filtering, the INPUT chain must also allow the redirected port.
- Port forward from port 80 to 8080:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
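The sections above each show one rule in isolation. The following added example (not part of the original cheat sheet) combines them into a complete ruleset in iptables-restore format: default DROP policies, the stateful accept placed first, an SSH allow rule, the port 80 to 8080 redirect, and the matching INPUT rule for port 8080 that the redirect requires. The port numbers are assumed values; build_ruleset only prints the ruleset, and apply_ruleset is the step that needs root and a host with iptables.

```shell
#!/bin/sh
# Added example: build a minimal stateful iptables ruleset from the
# cheat-sheet building blocks. Nothing is applied until apply_ruleset runs.

# Assumed values: the SSH port and the port pair for the REDIRECT rule.
SSH_PORT=22
REDIRECT_FROM=80
REDIRECT_TO=8080

build_ruleset() {
    # Print an iptables-restore file. Lines starting with '#' are ignored
    # by iptables-restore, so the comments can stay in the saved file.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback traffic is always allowed
-A INPUT -i lo -j ACCEPT
# stateful rule first: replies to our own connections never reach the later rules
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# drop packets conntrack cannot classify (e.g. stray ACKs)
-A INPUT -m conntrack --ctstate INVALID -j DROP
# new SSH connections
-A INPUT -p tcp --dport ${SSH_PORT} -m conntrack --ctstate NEW -j ACCEPT
# REDIRECT rewrites the destination port before filtering, so the filter
# rule has to match the redirected port, not the original one
-A INPUT -p tcp --dport ${REDIRECT_TO} -m conntrack --ctstate NEW -j ACCEPT
# catch-all last: reject other TCP with a reset so clients fail fast
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# port forward: incoming TCP/${REDIRECT_FROM} is redirected to local ${REDIRECT_TO}
-A PREROUTING -p tcp --dport ${REDIRECT_FROM} -j REDIRECT --to-ports ${REDIRECT_TO}
COMMIT
EOF
}

apply_ruleset() {
    # Atomically replace the live rules (requires root). Save a copy first so
    # the previous state can be restored with: iptables-restore < "$backup"
    backup=$(mktemp)
    iptables-save > "$backup"
    build_ruleset | iptables-restore
}

# Review the generated ruleset without touching the kernel.
build_ruleset
```

The ruleset is written in restore format rather than as a series of iptables -A calls so that it can be loaded atomically and saved verbatim with iptables-save; the REJECT catch-all sits last because rule order decides which rule matches.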
iptables Command-Line
- List all firewall rules:
iptables -L
- Add a rule to allow incoming SSH traffic:
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
- Delete a rule by rule number (show the numbers with iptables -L INPUT --line-numbers; they shift after each deletion):
iptables -D INPUT 3
- Save rules to a file (rules are not persisted across reboots by themselves; reload the file with iptables-restore):
iptables-save > /etc/iptables/rules.v4
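Because iptables-save output is plain text, a saved ruleset can be audited before it is restored. The following added example (not part of the original cheat sheet) checks a dump for two common mistakes: an INPUT policy that is not DROP, and a DROP or REJECT rule placed before the stateful ESTABLISHED,RELATED accept, which would break replies to the host's own connections. The two dumps are constructed inline for the demonstration rather than taken from a real host.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for ordering and policy mistakes.

audit_dump() {
    # $1: path to an iptables-save file. Prints findings; returns 1 if any.
    rc=0
    if ! grep -q '^:INPUT DROP' "$1"; then
        echo "FINDING: INPUT policy is not DROP"
        rc=1
    fi
    # Line number of the stateful accept and of the first DROP/REJECT in INPUT
    # (empty if absent). Rules are evaluated top to bottom, so order matters.
    est=$(awk '/^-A INPUT/ && /ESTABLISHED/ && /-j ACCEPT/ {print NR; exit}' "$1")
    blk=$(awk '/^-A INPUT/ && /-j (DROP|REJECT)/ {print NR; exit}' "$1")
    if [ -z "$est" ]; then
        echo "FINDING: no ESTABLISHED,RELATED accept rule in INPUT"
        rc=1
    elif [ -n "$blk" ] && [ "$blk" -lt "$est" ]; then
        echo "FINDING: DROP/REJECT at line $blk precedes the stateful accept at line $est"
        rc=1
    fi
    return $rc
}

# Constructed sample dumps (not captured from a real system).
GOOD=$(mktemp)
BAD=$(mktemp)
cat >"$GOOD" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
cat >"$BAD" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 23 -j DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF

audit_dump "$GOOD" && echo "good dump: no findings"
audit_dump "$BAD" || echo "bad dump: findings reported"
```

On a live host the same function can be pointed at the file written by iptables-save, or at a temporary file produced by iptables-save before the rules are committed to /etc/iptables/rules.v4.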
Conclusion
This cheat sheet covers some common iptables commands and concepts. iptables is a powerful tool for configuring and managing firewall rules on Linux-based systems, helping secure and control network traffic; refer to the official iptables documentation for more in-depth information and advanced usage.