Iptables is a Linux-based firewall utility that allows system administrators to manage incoming and outgoing network traffic by defining a set of rules.
Using iptables, you can configure a set of rules that define which packets should be allowed to pass through the system and which should be dropped or rejected. These rules are organized into tables, chains, and rulesets.
The most common use of iptables is to block or allow traffic based on IP addresses, ports, and protocols.
For example, you can use iptables to block incoming traffic on certain ports or allow only specific IP addresses to connect to a service.
Here are a few examples of how you can use iptables:
- Block incoming traffic on port 22 (SSH):
sudo iptables -A INPUT -p tcp --dport 22 -j DROPThis rule will block all incoming traffic on port 22, which is used for SSH connections. This can be useful for preventing unauthorized access to a system.
2. Allow traffic from a specific IP address:
sudo iptables -A INPUT -s 192.168.0.100 -j ACCEPTThis rule will allow incoming traffic from the IP address 192.168.0.100. You can replace this with any IP address you want to allow.
3. Block outgoing traffic on port 80 (HTTP):
sudo iptables -A OUTPUT -p tcp --dport 80 -j DROPThis rule will block all outgoing traffic on port 80, which is used for HTTP connections. This can be useful for preventing certain applications or processes from accessing the internet.
4. Allow incoming traffic on port 443 (HTTPS):
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPTThis rule will allow incoming traffic on port 443, which is used for HTTPS connections. This can be useful for allowing secure web traffic to a server.
