Basic Format
iptables [options]...

Key Options

| Option | Description |
| --- | --- |
| -A chain | Append to chain. |
| -D chain | Delete rule from chain. |
| -I chain | Insert rule at head of chain. |
| -F | Flush selected chain (all chains if none is given). |
| -L | List rules in a chain (all chains if none is given). |
| -P chain target | Change policy on chain to target. |
| -s address[/mask] | Source specification. |
| -d address[/mask] | Destination specification. |
| -p protocol | Protocol specification. |
| -j target | Specifies the target of the rule. |
| --sport service[:port] | Source port specification. |
| --dport service[:port] | Destination port specification. |

Examples

| Command | Description |
| --- | --- |
| iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT | Allow traffic from network 192.168.0.0/24. |
| iptables -A OUTPUT -d 192.168.0.0/24 -j ACCEPT | Allow traffic to network 192.168.0.0/24. |
| iptables -A INPUT -p tcp --dport 22 -j ACCEPT | Allow incoming SSH. |
| iptables -A INPUT -p tcp --dport 80 -j ACCEPT | Allow incoming HTTP. |
| iptables -A INPUT -p tcp --dport 443 -j ACCEPT | Allow incoming HTTPS. |
| iptables -A INPUT -j DROP | Block all other traffic. |
| iptables -L -v | List all iptables rules. |
| iptables -F | Flush all rules. |