25 Must‑Know Linux iptables Rules for Secure Firewall Management
This guide presents 25 essential Linux iptables rules—from clearing existing policies to configuring SSH, HTTP, DNS, and DoS protection—illustrated with command screenshots, enabling administrators to quickly adapt firewall settings to their specific network security needs.
Below are common Linux iptables rules; modify them according to your specific requirements.
# 1. Delete all existing rules
# 2. Set default chain policies
# 3. Block a specific IP address
# 4. Allow all incoming SSH
# 5. Allow SSH only from a specific network
# 6. Allow incoming HTTP
# 7. Allow multiple ports (SSH, HTTP, HTTPS)
# 8. Allow outgoing SSH
# 9. Allow outgoing SSH to a specific network only
# 10. Allow outgoing HTTPS
# 11. Load balance incoming HTTPS traffic
# 12. Ping from internal to external
# 13. Ping from external to internal
# 14. Allow loopback access
# 15. Allow packets from internal network to external
# 16. Allow outgoing DNS
# 17. Allow NIS connections
# 18. Allow rsync from a specific network
# 19. Allow MySQL connections only from a specific network
# 20. Allow Sendmail or Postfix
# 21. Allow IMAP and IMAPS
# 22. Allow POP3 and POP3S
# 23. Prevent DoS attacks
# 24. Forward port 422 to port 22
# 25. Log dropped packets
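Several of the items above combined into one ruleset, as an added example that is not code from the original article: a shell function that prints `iptables-restore` input for items 1, 2, 5, 7, 14, 16 and 25. The function name `emit_ruleset`, the trusted network `192.0.2.0/24` used below, and the log prefix are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it does not touch the
# running firewall. Usage: emit_ruleset TRUSTED_CIDR [SSH_PORT]
emit_ruleset() {
    trusted=$1
    ssh_port=${2:-22}

    # Shape-check the arguments (IPv4 CIDR, numeric port) so a bad value
    # cannot smuggle extra rule text into the generated ruleset.
    printf '%s\n' "$trusted" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || return 2
    printf '%s\n' "$ssh_port" | grep -Eq '^[0-9]{1,5}$' || return 2

    cat <<EOF
*filter
# Items 1 and 2: iptables-restore flushes the table and commits the whole
# set at once, so the DROP policies never apply without the ACCEPT rules.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Item 14: loopback
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Return traffic for connections accepted by a rule below
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Item 5: SSH only from the trusted network
-A INPUT -p tcp -s $trusted --dport $ssh_port -m conntrack --ctstate NEW -j ACCEPT
# Item 7: HTTP and HTTPS in one multiport rule
-A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
# Item 16: outgoing DNS
-A OUTPUT -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
# Item 25: rate-limited log of packets about to hit the DROP policy
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-dropped: " --log-level 4
COMMIT
EOF
}
```

As root, `emit_ruleset 192.0.2.0/24 | iptables-restore --test` parses the ruleset without committing it; dropping `--test` applies it.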
MaGe Linux Operations
