01: check the iptables version, or whether it is installed at all.
iptables -V
# the command below achieves the same purpose
rpm -q iptables
if it is not installed, you can install it as below (CentOS for example):
yum install iptables-services
02: save/start/stop/restart iptables, or show its current status
service iptables save
service iptables start
service iptables stop
service iptables restart
service iptables status
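03: temporarily close all ports of the host
# with no ACCEPT rules in place this drops all traffic, including the SSH session you are typing in
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP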
04: open or close a certain port of the host (e.g. port 22)
# how to open a port
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
service iptables save
# how to close a port
# -A appends to the end of the chain and the first matching rule wins,
# so these DROP rules have no effect while an earlier ACCEPT rule for the port exists
iptables -A INPUT -p tcp --dport 22 -j DROP
iptables -A OUTPUT -p tcp --sport 22 -j DROP
service iptables save
05: show the current iptables rules / delete a certain rule by its number
# list rules, with addresses and ports resolved to names
iptables --list
# list rules in numeric format
iptables -L -n
# show the rules with their line numbers
iptables -L -n --line-numbers
# delete a certain rule (e.g. the 2nd INPUT rule)
iptables -D INPUT 2
service iptables save
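An added example (not part of the original page) for steps 04 and 05: because the first matching rule wins, it reads `iptables -S INPUT` output and reports which rule actually decides a TCP port, plus any later rules for that port that are never reached. The function name `audit_port` and the sample rule set are constructed for illustration, and it assumes only rules of the simple form used on this page.

```shell
#!/bin/sh
# Constructed sample (not captured from a real host): `iptables -S INPUT`
# after step 04's "open" commands, one more ACCEPT, then step 04's "close".
SAMPLE_RULES='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j DROP'

# audit_port PORT (hypothetical helper): reads `iptables -S INPUT` text on stdin.
# Line 1 of output: "<verdict> <rule number>" for the first rule matching a
# TCP packet to PORT, or "<policy> policy" when no rule matches.
# Further lines: "shadowed <rule number> <target>" for later rules on the
# same port that can never be reached.
# Assumption: only rules of the form used on this page are present
# (-p tcp --dport N -j TARGET); other rules are counted but not evaluated.
audit_port() {
    awk -v port="$1" '
        $1 == "-P" { policy = $3; next }
        $1 == "-A" {
            n++                      # position as shown by --line-numbers
            proto = dport = target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") dport  = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (proto != "tcp" || dport != port || target == "") next
            if (!hit) { hit = 1; print target, n }
            else      { shadow = shadow "shadowed " n " " target "\n" }
        }
        END {
            if (!hit) print policy, "policy"
            printf "%s", shadow
        }
    '
}

# Demo on the constructed sample; on a live host use:
#   iptables -S INPUT | audit_port 22
printf '%s\n' "$SAMPLE_RULES" | audit_port 22
```

A shadowed rule number reported here is the same number that `iptables -D INPUT <number>` from step 05 takes.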