iptables examples

iptables -L -n -v
iptables -L -n -v --line-numbers
iptables -L OUTPUT -n -v --line-numbers
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -D INPUT 4
iptables -t nat -vnL --line-number
iptables -t nat -D PREROUTING 10

iptables -I INPUT 2 -s 202.54.1.2 -j DROP
iptables -L INPUT -n --line-numbers
iptables -A INPUT -s 202.5.4.1 -j DROP

service iptables save
iptables-save > /root/my.active.firewall.rules

iptables-restore < /root/my.active.firewall.rules
service iptables restart

iptables -A INPUT -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A INPUT -i eth1 -s 192.168.0.0/24 -j DROP

10.0.0.0/8 (A)
172.16.0.0/12 (B)
192.168.0.0/16 (C)
224.0.0.0/4 (MULTICAST D)
240.0.0.0/5 (E)
127.0.0.0/8 (LOOPBACK)

iptables -A INPUT -i eth1 -s 192.168.1.0/24 -p tcp --dport 80 -j DROP
iptables -A OUTPUT -o eth1 -d 192.168.1.0/24 -j DROP

iptables -A INPUT -i eth1 -s 10.0.0.0/8 -j LOG --log-prefix "IP_SPOOF A: "
iptables -A INPUT -i eth1 -s 10.0.0.0/8 -j DROP
tail -f /var/log/messages
grep ‘IP SPOOF’ /var/log/messages

iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source 00:0F:EA:91:04:07 -j ACCEPT

iptables -A INPUT -i eth1 -p icmp --icmp-type echo-request -j DROP
iptables -A INPUT -s 192.168.1.0/24 -p icmp --icmp-type echo-request -j ACCEPT

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 7000:7010 -j ACCEPT

iptables -A INPUT -s 1.2.3.4 -p tcp --destination-port 80 -j LOG --log-level crit

iptables -Z

sysctl -w net.ipv4.ip_forward=1

iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source 10.0.0.11
iptables -t nat -A PREROUTING -d 10.0.0.11 -p tcp --dport 2222 -j DNAT --to-destination 192.168.1.11:22
iptables -t nat -I PREROUTING --src 0/0 --dst 192.168.1.5 -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -I POSTROUTING -p tcp -d 4.250.240.2 --dport 2001 -j SNAT --to 4.250.240.1