@fearblackcat
Last active September 2, 2021 03:23
firewalld for in public allow

List the open ports:

iptables -L -n

Open a new port:

# open port 8080
iptables -I IN_public_allow -p tcp --dport 8080 -j ACCEPT

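Open all ports (inserts an unconditional ACCEPT as rule 1 of the chain, so all traffic reaching IN_public_allow is accepted):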

iptables -I IN_public_allow 1 -j ACCEPT

Delete a specific rule:

$ sudo iptables -L --line-numbers
Example output: rules with line numbers
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
2    ACCEPT     all  --  anywhere             anywhere
3    DROP       all  --  anywhere             anywhere             ctstate INVALID
4    UDP        udp  --  anywhere             anywhere             ctstate NEW
5    TCP        tcp  --  anywhere             anywhere             tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW
6    ICMP       icmp --  anywhere             anywhere             ctstate NEW
7    REJECT     udp  --  anywhere             anywhere             reject-with icmp-port-unreachable
8    REJECT     tcp  --  anywhere             anywhere             reject-with tcp-reset
9    REJECT     all  --  anywhere             anywhere             reject-with icmp-proto-unreachable
10   ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW,ESTABLISHED
...

For example, if we want to delete the input rule that drops invalid packets, we can see that it's rule 3 of the INPUT chain. So we should run this command:

$ sudo iptables -D INPUT 3
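
Deleting by number has one trap: each deletion renumbers the rules after it. The following added example (not part of the original gist) parses a constructed `iptables -L -n --line-numbers` listing, flags unconditional ACCEPT rules such as the one the "open all ports" command creates, and prints the delete commands highest number first. The function names and the sample listing are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the gist): audit a rule listing for accept-everything
# rules and print, without running, the delete commands for them.

# Constructed sample in the `iptables -L -n --line-numbers` format.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
2    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0            ctstate INVALID

Chain IN_public_allow (1 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8080
3    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
EOF
}

# Reads a listing on stdin. A rule is flagged when it is ACCEPT, protocol
# "all", any source, any destination, and has no match options (6 fields).
# Output is ordered highest rule number first within each chain, because
# every `iptables -D <chain> <num>` renumbers the rules that follow it.
accept_all_deletes() {
    awk '
        $1 == "Chain" { chain = $2; next }
        $1 ~ /^[0-9]+$/ && $2 == "ACCEPT" && $3 == "all" && NF == 6 &&
        ($5 == "0.0.0.0/0" || $5 == "anywhere") &&
        ($6 == "0.0.0.0/0" || $6 == "anywhere") { print chain, $1 }
    ' | LC_ALL=C sort -k1,1 -k2,2nr | while read -r chain num; do
        echo "iptables -D $chain $num"
    done
}

# Without -v the listing hides the in/out interface columns, so a flagged rule
# may be scoped to one interface (e.g. loopback). Confirm with
# `iptables -L -n -v --line-numbers` before deleting anything.
sample_listing | accept_all_deletes
```

On a live host, feed it real output instead of the sample: `sudo iptables -L -n --line-numbers | accept_all_deletes`.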
