This is a basic iptables help guide for beginners. I use Ubuntu. I run as root! So if you are not logged in as root, please add
sudo in front of any commands.
Listing your current rule set –
iptables -L
You should see your rules. If you have none, you will see:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Allowing Incoming Traffic on Specific Ports
You can go wild and block everything, but chances are you will need ssh!
To allow ssh, use your own port in place of the one I have used after the --dport switch:
iptables -A INPUT -p tcp --dport 1337 -j ACCEPT
You can use this command to allow any port of your liking!
Blocking Traffic
Rules are checked in order and -A appends to the end of the chain, so as long as you have added your rules to accept traffic first, you can block all other traffic. This can be done by running the following command:
iptables -i eth0 -A INPUT -j DROP
Loopback
Allow loopback traffic!
iptables -I INPUT 1 -i lo -j ACCEPT
Logging
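This will log dropped packets to syslog. The 5 is the position in the INPUT chain: the rule has to sit before the DROP rule to see the packets, and the chain must already hold at least four rules, so adjust the number to fit your rule set: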
iptables -I INPUT 5 -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
Saving iptables
iptables-save prints your current settings in a form that can be saved and restored:
iptables-save
Save the rules to a file (the same file that is restored at startup below):
sh -c "iptables-save > /etc/iptables.up.rules"
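Before wiring a saved rule set into startup, it is worth checking the ordering this guide depends on: ACCEPT rules first, LOG before DROP, DROP last. The following is an added example, not part of the original guide; check_input_order and the two sample dumps are constructed for illustration, and the function reads the format that iptables-save prints.

```shell
# Added example: lint an iptables-save dump. Usage: iptables-save | check_input_order PORT
# Prints "ok" (exit 0) when the INPUT chain ACCEPTs tcp --dport PORT and loopback
# before the first catch-all DROP, and any LOG rule precedes it. Ignores --dports lists.
check_input_order() {
    awk -v port="$1" '
        $1 == "-A" && $2 == "INPUT" {
            n++
            rule = " " $0 " "
            if (rule ~ / -j ACCEPT /) {
                if (rule ~ / -p tcp / && index(rule, " --dport " port " ")) ssh = n
                if (rule ~ / -i lo /) lo = n
            }
            if (rule ~ / -j LOG /) lg = n
            # A DROP with no protocol, source, port or match module is a catch-all.
            if (!drop && rule ~ / -j DROP / && rule !~ / (-p|-s|--dport|-m) /) drop = n
        }
        END {
            if (!ssh) { print "no ACCEPT for tcp port " port; exit 1 }
            if (!lo)  { print "no ACCEPT for loopback"; exit 1 }
            if (drop && drop < ssh) { print "DROP (rule " drop ") precedes port " port " ACCEPT (rule " ssh ")"; exit 1 }
            if (drop && drop < lo)  { print "DROP (rule " drop ") precedes loopback ACCEPT (rule " lo ")"; exit 1 }
            if (drop && drop < lg)  { print "LOG (rule " lg ") sits after DROP (rule " drop ") and never fires"; exit 1 }
            print "ok"
        }'
}
# Constructed sample dumps in iptables-save format, built from the guide's rules.
sample_good() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1337 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -i eth0 -j DROP
COMMIT
EOF
}
sample_bad() {
    cat <<'EOF'
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j DROP
-A INPUT -p tcp -m tcp --dport 1337 -j ACCEPT
COMMIT
EOF
}
sample_good | check_input_order 1337
sample_bad  | check_input_order 1337 || true
```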
Make iptables run on startup:
nano /etc/network/interfaces
Now add the following:
pre-up iptables-restore < /etc/iptables.up.rules
Should now look similar to this:
...
auto lo
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.up.rules

# The primary network interface
...
Any questions? Leave a comment.





