
ip table snippets

# iptables (IPv4) quick-reference snippets. The groups below appear to be
# separate examples rather than one script -- TODO confirm before running them
# in sequence, since they partly contradict each other (port 80 is dropped in
# one group and accepted in another).
# -I inserts a rule at the top of a chain and -A appends it at the end; rules
# are evaluated top-down and the first terminating match wins.
# Rules added this way live only in the running kernel (they are gone after a
# reboot unless saved), and IPv6 traffic is filtered separately by ip6tables.
# Lines without sudo must be run from a root shell.

# Block all inbound traffic from one source address (xx.xx.xx.xx is a
# placeholder), then list the rules numerically with packet/byte counters to
# confirm the rule is in place.
sudo iptables -I INPUT -s xx.xx.xx.xx -j DROP; 
sudo iptables -L -n -v

# Same listing with rule numbers, which identify a rule by position when
# deleting or inserting.
iptables -n -L -v --line-numbers

# Silently drop inbound TCP port 80: first on every interface, then only on
# eth1. Both are appended, so any ACCEPT rule already earlier in INPUT that
# matches the same packets takes precedence.
sudo iptables -A INPUT -p tcp --dport 80 -j DROP
sudo iptables -A INPUT -i eth1 -p tcp --dport 80 -j DROP

# Allow-list: accept inbound HTTP/HTTPS and loopback (inserted at the top),
# reject everything else on INPUT and FORWARD (appended at the end), and allow
# all outbound traffic.
# NOTE(review): nothing here accepts SSH or ESTABLISHED,RELATED return traffic,
# so the final INPUT REJECT also hits the admin session and the replies to
# connections this host opens (DNS, package updates). Add those ACCEPT rules
# before the REJECT, and apply from a console or with a timed rollback.
sudo iptables -I INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -j REJECT; sudo iptables -A FORWARD -j REJECT
sudo iptables -A OUTPUT -j ACCEPT; sudo iptables -I INPUT -i lo -j ACCEPT

# Stateful pair for a web server on eth0: accept new and established inbound
# connections to ports 80/443 ...
# NOTE(review): "-m state --state" is the older match; current iptables
# documents "-m conntrack --ctstate" as its replacement.
iptables -A INPUT -i eth0 -p tcp -m multiport --dports 80,443 -m state --state NEW,ESTABLISHED -j ACCEPT

# ... and let out only the replies that belong to those connections. These two
# ACCEPT rules restrict nothing by themselves; they matter only when the chain
# policy or a later rule denies the remaining traffic.
iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 80,443 -m state --state ESTABLISHED -j ACCEPT
Oct 18, 2013 at 06:27 AM
iptables, linux