Practical iptables Commands for Linux Firewall Management

This article provides a concise tutorial on using iptables to reset, delete, flush, list, and configure firewall rules on a Linux node, covering port blocking, IP blocking, rule negation, multi‑port matching, stateful filtering, and default policies.

Practical DevOps Architecture

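The following iptables commands demonstrate common firewall operations on a Linux node. Without -t, each command acts on the filter table.

iptables -Z – Zero the packet and byte counters in all chains.
iptables -X – Delete all user-defined chains.
iptables -F – Flush (remove) all rules in all chains.
iptables -nL – List all rules with numeric output (no DNS resolution).

Flushing does not reset chain policies: if a chain's policy is DROP, iptables -F leaves that chain dropping every packet.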

To block the SSH port (22):

iptables -t filter -A INPUT -p tcp --dport 22 -j DROP

To deny TCP traffic arriving on eth0 from a specific IP (54.91.113.221):

iptables -I INPUT -p tcp -s 54.91.113.221 -i eth0 -j DROP

To create a rule that matches all sources except a given IP (negation):

iptables -A INPUT -p tcp ! -s 20.20.0.2 -i eth0 -j DROP

To match several ports in one rule (22, 80, 443, 3307):

iptables -I INPUT -p tcp -m multiport --dports 22,80,443,3307 -j DROP

To accept packets that belong to established or related connections:

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

State matching options explained:

NEW – a new connection is being initiated.

ESTABLISHED – the connection is already established.

RELATED – a new connection related to an existing one.

INVALID – the packet is malformed or cannot be identified.

Set default policies:

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

Save and restart the firewall configuration:

/etc/init.d/iptables save – saves the current rules to /etc/sysconfig/iptables.
/etc/init.d/iptables restart – restarts the iptables service.
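
Applying the commands above one at a time can cut off a remote session, for example when the DROP policy is set before any ACCEPT rule exists. The script below is an added example, not part of the original article: it prints the default policies, the state rules and a multiport rule as one iptables-restore ruleset, which is committed in a single step. Assumptions: the function names are illustrative, SSH is meant to be reachable from one admin address only, and the listed ports are the public TCP services.

```sh
#!/bin/sh
# Added example: print a filter-table ruleset in iptables-restore format.
# Usage: sh ruleset.sh ADMIN_IP PORTS | iptables-restore --test
# (--test parses the rules without committing them; drop it to apply.)

valid_ipv4() {
    # Digits and dots only, so no newline or option text can be smuggled in.
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

valid_ports() {
    # Comma-separated ports, 1-65535; multiport takes at most 15 per rule.
    case $1 in ''|*[!0-9,]*|*,,*|,*|*,) return 1 ;; esac
    old_ifs=$IFS; IFS=,
    set -- $1
    IFS=$old_ifs
    [ "$#" -le 15 ] || return 1
    for port in "$@"; do
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    done
}

build_ruleset() {
    # $1 = admin source address for SSH (assumption), $2 = public TCP ports.
    valid_ipv4 "$1" && valid_ports "$2" || { echo "bad argument" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -s $1 -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m multiport --dports $2 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

if [ "$#" -eq 2 ]; then build_ruleset "$1" "$2"; fi
```

The ESTABLISHED,RELATED rule sits ahead of the NEW rules, so packets of a session that is already open are accepted before any port rule is evaluated.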

Written by

Practical DevOps Architecture
