Friday, October 3, 2014

IPTABLES

# List the rules with line numbers,
# the -n disables the DNS reverse lookup
iptables -n --list --line-numbers

# Block a specific IP
iptables -A INPUT -s 192.168.0.1 -j DROP

# Allow SSH for a specific IP
iptables -A INPUT -s 192.168.0.2 -p tcp -m tcp --dport 22 -j ACCEPT

# Delete a rule based on its number
iptables -D INPUT 8

# Insert rule before other certain one
# For example before line # 3
iptables -I INPUT 3 -s 192.168.0.2 -p tcp -m tcp --dport 22 -j ACCEPT


No comments: