IPTables Firewall Configs

List the current chains and the rules in them:

iptables -L

Insert a rule at position 1 of chain INPUT that accepts TCP traffic from the 192.168.1.0/24 network with source port 443, destined for IP 192.168.1.51 on port 443 (rules are evaluated top to bottom, so position 1 is matched first):

iptables -I INPUT 1 -p tcp -s 192.168.1.0/24 --sport 443 -d 192.168.1.51 --dport 443 -j ACCEPT

Insert the same rule at position 4 of chain INPUT instead:

iptables -I INPUT 4 -p tcp -s 192.168.1.0/24 --sport 443 -d 192.168.1.51 --dport 443 -j ACCEPT

Append to the end of chain INPUT (this rule drops any TCP traffic that no earlier rule accepted):

iptables -A INPUT -p tcp -j DROP

Always run one of the following (which one depends on the distro) so the rules survive a reboot. Note that iptables-save on its own only prints the running ruleset to standard output; to persist it, redirect the output into the file your distro loads at boot:

iptables-save

With systemd or Upstart, when the iptables service script is installed (the iptables-services package on RHEL/CentOS 7; systemctl itself has no save subcommand, so the helper is still called through service):

service iptables save

On systemd, also enable the unit so the saved rules are restored at boot:

systemctl enable iptables

If none of the above work:

/etc/init.d/iptables save

If you are on a Debian-based distro (Ubuntu, Mint, etc.), remember to install iptables-persistent, which saves the running rules and restores them at boot:

apt install iptables-persistent
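As an added example that is not part of the original notes, the following POSIX shell script ties the two halves of the page together: it inserts rules idempotently (checking with iptables -C before an iptables -I, so re-running the script does not stack duplicate rules at position 1), and it picks the persistence mechanism listed above in order of preference and saves with it. The detection function takes an optional root prefix (a hypothetical parameter added here so the logic can be exercised against a fake filesystem tree); the file paths it probes (/usr/sbin/netfilter-persistent, /usr/libexec/iptables/iptables.init, /etc/init.d/iptables) and the fallback rule files (/etc/sysconfig/iptables, /etc/iptables/rules.v4) are the conventional locations on Debian/Ubuntu and RHEL/CentOS, assumed here rather than taken from the page.

```shell
#!/bin/sh
# Added example (not the original author's code): idempotent rule insertion
# plus distro-aware persistence for the iptables workflow described above.

# Show the INPUT chain with rule positions, so "-I INPUT 4" means something.
show_input_chain() {
    iptables -L INPUT -n -v --line-numbers
}

# Insert a rule at the given position only if an identical rule is not
# already present anywhere in the chain (iptables -C returns 0 on a match).
# Usage: ensure_rule INPUT 1 -p tcp -s 192.168.1.0/24 --dport 443 -j ACCEPT
ensure_rule() {
    chain="$1"; pos="$2"; shift 2
    if iptables -C "$chain" "$@" 2>/dev/null; then
        echo "already present in $chain: $*"
    else
        iptables -I "$chain" "$pos" "$@"
    fi
}

# Print which save mechanism is available, most specific first.
# $1 is an optional root prefix (assumption for testing); "" on a real host.
detect_persist_method() {
    root="${1:-}"
    if [ -x "$root/usr/sbin/netfilter-persistent" ]; then
        echo netfilter-persistent   # Debian/Ubuntu with iptables-persistent
    elif [ -x "$root/usr/libexec/iptables/iptables.init" ]; then
        echo iptables-services      # RHEL/CentOS 7 systemd helper
    elif [ -x "$root/etc/init.d/iptables" ]; then
        echo init-script            # SysV / Upstart init script
    else
        echo iptables-save          # nothing installed: redirect to a file
    fi
}

# Save the running ruleset with whatever detect_persist_method found.
persist_rules() {
    case "$(detect_persist_method "${1:-}")" in
        netfilter-persistent) netfilter-persistent save ;;
        iptables-services)    service iptables save ;;
        init-script)          /etc/init.d/iptables save ;;
        iptables-save)
            # Bare iptables-save only prints; write it where a boot-time
            # restore would look (paths are assumptions, see lead-in).
            if [ -d /etc/sysconfig ]; then
                target=/etc/sysconfig/iptables
            else
                mkdir -p /etc/iptables
                target=/etc/iptables/rules.v4
            fi
            iptables-save > "$target" && echo "ruleset written to $target"
            ;;
    esac
}

# Run the full workflow only when explicitly asked (needs root and iptables).
case "${1:-}" in
    apply)
        ensure_rule INPUT 1 -p tcp -s 192.168.1.0/24 --sport 443 \
            -d 192.168.1.51 --dport 443 -j ACCEPT
        ensure_rule INPUT 2 -p tcp -j DROP
        show_input_chain
        persist_rules
        ;;
esac
```

Run it as `sh script.sh apply` on the host being configured. On Debian/Ubuntu the install of iptables-persistent saves the rules present at install time only; later changes must be saved again (the script's netfilter-persistent branch does exactly that), which is the step most often forgotten when rules vanish after a reboot.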
