News about our company, tutorials about IT and much more you will find in this page.
This article explains how to add iptables firewall rules using the “iptables -A” (append) command. Iptables is a rule-based firewall, which will process each rule in order until it finds one that matches. The iptables utility is typically pre-installed on your linux distribution, but isn’t actually running any rules.
Blocking a Single IP Address
You can block an IP by using the -s parameter, replacing xx.xx.xx.xx with the address that you are trying to block.
Block an IP for a Specific Port
You can block a port entirely from being accessed over from an IP by using the the –dport switch and adding the port of the service you want to block. Where, xx.xx.xx.xx is the remote IP address and PORT is the port number you wish to deny access to.
Allowing a Single IP Address
You can allow an IP by using the -s parameter and using the policy ACCEPT, replacing xx.xx.xx.xx with the address that you are granting access.
Allowing a Single Port from a Single IP
You can add the -s command along with the –dport command to further limit the rule to a specific port.
How to Block a Scanner on Your Server
You can block a scanner on your server, for example “foobar.at.ISC.SANS”, using a string.
Viewing the Current Rules
You can view the current rules using the following command:
Clearing the Current Rules
You can clear out all the current rules by using the flush parameter. This is very useful if you need to put the rules in the correct order, or when you are testing.
