iptables
To list current rules, run

    iptables -S

Or

    iptables -L

To list rules in numeric format, run

    iptables -nvL

Or

    iptables -L -n

To view NAT rules

    iptables -t nat -L -n --line-number

To see rules with counters, use

    iptables -L -n -v
Open port 80

    iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Because -A appends to the end of the chain, the rule has no effect if an earlier rule in INPUT already drops or rejects the traffic. Use -I to insert it above such a rule.

To open port 8080 in iptables firewall, run

    iptables -A INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT

Open Port Range

    iptables -A INPUT -p tcp --match multiport --dports 50000:60000 -j ACCEPT

Whitelist an IP

    iptables --append INPUT --protocol tcp --source 64.57.102.34 --jump ACCEPT

Forward a Port to Another

All requests arriving on port 80 on eth0 will be forwarded to port 7080

    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination :7080
Saving iptables rules

The iptables commands above take effect immediately, but they are lost when you reboot the PC. To make them permanent, run

    service iptables save

You can also use

    iptables-save > /etc/sysconfig/iptables

Related configuration is saved in

    /etc/sysconfig/iptables
    /etc/iptables/iptables.rules
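Before Flush

Make sure the policy of every chain is set to ACCEPT before flushing. Flushing removes the ACCEPT rules but leaves the chain policies in place, so a DROP policy will then block all traffic, including your own SSH session. If any policy is DROP, run

    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -F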
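The pre-flush check described above can be scripted. The following is an added example, not part of the original page: it reads `iptables -S` output, finds built-in chains whose policy is not ACCEPT, and prints the commands to run before the flush. The function names (`risky_chains`, `safe_to_flush`, `flush_plan`, `sample_rules`) are hypothetical and the sample rule set is constructed.

```shell
#!/bin/sh
# Added example: inspect `iptables -S` output before running `iptables -F`.

# Print built-in chains whose default policy is not ACCEPT, one per line.
# Reads `iptables -S` style text on stdin; only "-P <chain> <policy>" lines matter.
risky_chains() {
    awk '$1 == "-P" && $3 != "ACCEPT" { print $2 }'
}

# Return 0 if every policy is ACCEPT (a flush cannot lock you out), else 1.
safe_to_flush() {
    chains=$(risky_chains)
    [ -z "$chains" ]
}

# Print the commands to run: reset each risky policy first, then flush.
flush_plan() {
    rules=$(cat)
    for c in $(printf '%s\n' "$rules" | risky_chains); do
        echo "iptables -P $c ACCEPT"
    done
    echo "iptables -F"
}

# Constructed sample of `iptables -S` output (filter table, DROP policies).
sample_rules() {
cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
EOF
}

# On a live host (as root) use: iptables -S | flush_plan
sample_rules | flush_plan
```

The script only prints the plan; review it and run the commands yourself, ideally from a console session rather than over SSH.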