How to Configure Iptables in Linux step by step

iptables is a popular firewall in Linux that allows you to monitor incoming and outgoing traffic on your system. It also allows you to configure rules and chains that control which network packets may reach or leave your server. In this article, we will look at how to configure iptables in Linux. We will also look at how to enable iptables, disable iptables and change the iptables configuration.



Here are the steps to configure iptables in Linux.


1. Install Iptables

Open a terminal and run the following commands to update the package index and then install iptables (the commands below are for Ubuntu/Debian).

$ sudo apt-get update
$ sudo apt-get install iptables

Check the iptables status:

$ sudo iptables -L -v

You will see the following output, which lists all the rules present in your iptables. By default, iptables does not contain any rules; each chain's default policy (ACCEPT here) decides what happens to packets that match no rule.

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in out   source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in out   source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in out   source destination



2. Configure iptables

iptables monitors traffic to and from your server using tables; each table contains ordered lists of rules called chains. A packet is checked against the rules of a chain from top to bottom. When the packet matches a rule, it is sent to that rule's target, which can be another chain or one of the following actions.

  • ACCEPT – lets the packet through
  • DROP – discards the packet without any reply
  • RETURN – stops evaluating this chain and returns the packet to the chain it was called from

The default table in iptables (the filter table) consists of the following 3 chains:

  • INPUT – for incoming packets addressed to this host
  • FORWARD – for incoming packets routed through this host to another destination
  • OUTPUT – for outgoing packets


Here is the general form of the command to add a rule to iptables.

sudo iptables -A <chain> -i <interface> -p <protocol (tcp/udp)> -s <source> --dport <port no.> -j <target>

Let us look at each of the options above.

  • -A – append the rule to the end of the given chain
  • chain – name of the chain, such as INPUT, FORWARD or OUTPUT
  • -i interface – network interface whose traffic you want to control
  • -p protocol – network protocol, such as tcp or udp
  • -s source – source IP address
  • --dport – destination port number
  • -j target – target name: ACCEPT, DROP or RETURN. This defines the action to be taken when a packet matches the rule.

Now let us look at some of the most common use cases.


Allow traffic from localhost

Here is the iptables rule to allow traffic from localhost (the loopback interface lo).

$ sudo iptables -A INPUT -i lo -j ACCEPT



Allow traffic to http, https & ssh ports

Here are the iptables rules to allow TCP traffic to HTTP (port 80), HTTPS (port 443) and SSH (port 22).

$ sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
$ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
$ sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT


Allow traffic from specific IP address

Here is the iptables rule to allow traffic from a specific IP address, e.g. 54.43.32.21. Replace the IP address below as per your requirement.

$ sudo iptables -A INPUT -s 54.43.32.21 -j ACCEPT



Disallow traffic from specific IP address

Here is the iptables rule to block traffic from a specific IP address, e.g. 54.43.32.21. Replace the IP address below as per your requirement.

$ sudo iptables -A INPUT -s 54.43.32.21 -j DROP


Drop traffic to all other ports

Here is the iptables rule to drop all remaining traffic, i.e. anything not already accepted by the rules above. Because -A appends and rules are matched in order, add this rule after the ACCEPT rules: any rule appended after this DROP is never reached.

$ sudo iptables -A INPUT -j DROP
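The use cases above are really one procedure whose result depends on the order in which the rules are appended. The script below is an added example, not code from the original article: it assembles the article's INPUT rules in that order and, in its default dry-run mode, prints the iptables commands instead of running them so the order can be reviewed first. The ESTABLISHED,RELATED rule, the ipt wrapper and the BLOCK_IP value (an RFC 5737 test address) are assumptions added here; only 54.43.32.21 and the port numbers come from the article.

```shell
#!/bin/sh
# Added example, not from the original article: the article's INPUT rules
# assembled in one script in the order they must be appended. With DRY_RUN=1
# (the default) the commands are printed instead of run, so the order can be
# reviewed before touching a live host; run with DRY_RUN=0 as root to apply.
# Assumptions added here: the ESTABLISHED,RELATED rule, the BLOCK_IP value
# (an RFC 5737 test address) and the ipt wrapper are not in the article.
DRY_RUN="${DRY_RUN:-1}"
ALLOW_IP="${ALLOW_IP:-54.43.32.21}"      # the article's example address
BLOCK_IP="${BLOCK_IP:-198.51.100.7}"     # constructed address for the block rule

# Print or execute one iptables command, depending on DRY_RUN.
ipt() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# Append the INPUT rules. -A appends, and the chain is evaluated top to
# bottom, so order matters: the catch-all DROP must come last, and a
# per-address DROP must come before the per-port ACCEPTs it should override.
build_input_rules() {
    ipt -A INPUT -i lo -j ACCEPT
    # Replies to connections this host started (apt, DNS, ssh sessions already
    # open) must be accepted, or the final DROP cuts them off.
    ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    ipt -A INPUT -s "$BLOCK_IP" -j DROP
    ipt -A INPUT -s "$ALLOW_IP" -j ACCEPT
    for port in 22 80 443; do
        ipt -A INPUT -p tcp --dport "$port" -j ACCEPT
    done
    ipt -A INPUT -j DROP
}

# Always-dry listing of the rules, usable for checks even when DRY_RUN=0.
list_input_rules() {
    ( DRY_RUN=1; build_input_rules )
}

# Check that the catch-all DROP is the last rule in the listing.
last_rule_is_drop() {
    [ "$(list_input_rules | tail -n 1)" = "iptables -A INPUT -j DROP" ]
}

# Number of rules that would be appended.
rule_count() {
    list_input_rules | wc -l | tr -d ' '
}

if [ "$DRY_RUN" = "1" ]; then
    build_input_rules
fi
```

Running the script with no arguments prints the eight commands; `DRY_RUN=0 sudo ./rules.sh` applies them. The per-address DROP is placed before the per-port ACCEPTs on purpose: with the article's order (ACCEPT rules first, DROP for the address later) a blocked address could still reach ports 22, 80 and 443, because the first matching rule wins.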



List all iptables rules

Here is the command to list all iptables rules, using the -L option.

$ sudo iptables -L


Delete all iptables rules

Here is the command to delete all iptables rules and start afresh, using the -F (flush) option.

$ sudo iptables -F



Delete specific iptables rule

If you want to delete a specific iptables rule, use the -D option and specify the chain name and the rule number (the rule's position in the chain, counting from 1). Rule numbers shift when a rule is removed, so check the current numbering before each delete. Here is an example that deletes rule number 5 of the INPUT chain.

$ sudo iptables -D INPUT 5
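Deleting by number is easy to get wrong because the number is a position: once rule 5 is gone, the old rule 6 becomes rule 5. The functions below are an added example, not part of the original article: they work out a rule's current number from the output of `iptables -S INPUT` and show how the numbering shifts after a delete. The listing is constructed here to look like -S output (iptables adds `-m tcp` and `/32` when it prints rules) and is not real output from a host; the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article: find a rule's current number
# from `iptables -S INPUT` output before deleting it by number. Rule numbers
# are positions, so deleting rule 5 turns the old rule 6 into rule 5; any
# script that deletes several rules must recompute the number each time.
# The listing below is constructed here to look like -S output (note the
# "-m tcp" and "/32" that iptables adds); it is not real output from a host.
SAMPLE_LISTING='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -s 54.43.32.21/32 -j DROP
-A INPUT -j DROP'

# rule_number LISTING SPEC: print the 1-based position in INPUT of the first
# rule whose spec (everything after "-A INPUT ") equals SPEC; print nothing
# if there is no such rule. Policy lines (-P) are not rules and are skipped.
rule_number() {
    printf '%s\n' "$1" | awk -v want="-A INPUT $2" '
        /^-A INPUT / { n++; if ($0 == want) { print n; exit } }'
}

# remove_rule LISTING N: the listing as it looks after "iptables -D INPUT N".
remove_rule() {
    printf '%s\n' "$1" | awk -v del="$2" '
        /^-A INPUT / { n++; if (n == del) next }
        { print }'
}

# delete_cmd LISTING SPEC: print the -D command for SPEC, or fail if absent.
delete_cmd() {
    n=$(rule_number "$1" "$2")
    [ -n "$n" ] || { echo "no such rule in INPUT: $2" >&2; return 1; }
    echo "iptables -D INPUT $n"
}

# On a live host the listing would come from: sudo iptables -S INPUT
delete_cmd "$SAMPLE_LISTING" "-s 54.43.32.21/32 -j DROP"
```

Running the block prints `iptables -D INPUT 5`, the article's own example. If a script then needs to remove the catch-all DROP as well, `rule_number` on the listing after the first delete returns 5, not the 6 it returned before, which is exactly the shift a hard-coded number would miss.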


3. Save iptables changes

iptables changes are held only in kernel memory and are lost on reboot. To make these changes persistent, save them with the following command.

$ sudo /sbin/iptables-save > /etc/iptables.conf

The above command saves your current iptables rules in a configuration file (/etc/iptables.conf). You need to run it every time you make changes to iptables.

Add the following command to /etc/rc.local to load the saved iptables rules at boot.

$ sudo iptables-restore < /etc/iptables.conf
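The save step is where a host quietly ends up unprotected: iptables-restore rejects a malformed file as a whole, and a failing command in /etc/rc.local does not stop the boot, so the machine comes up with no rules and the default ACCEPT policy. The script below is an added example, not code from the original article: it checks a saved file for the shape iptables-restore expects and wraps the article's save command with that check. The check_saved_ruleset and save_rules functions, the RESTORE_TEST switch and the sample file content (constructed to look like iptables-save output) are assumptions added here; only the /etc/iptables.conf path comes from the article.

```shell
#!/bin/sh
# Added example, not from the original article: verify a saved ruleset before
# the next reboot. iptables-restore rejects a malformed file as a whole, and
# rc.local does not stop the boot on failure, so a bad /etc/iptables.conf
# means the host comes up with no rules and the default ACCEPT policy.
# Assumptions added here: the check_saved_ruleset function, the SAMPLE_SAVE
# content (constructed to look like iptables-save output) and the optional
# RESTORE_TEST switch; only the /etc/iptables.conf path comes from the article.
RULES_FILE="${RULES_FILE:-/etc/iptables.conf}"

SAMPLE_SAVE='# Generated by iptables-save (constructed sample, not real output)
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT'

# check_saved_ruleset FILE: return 0 if FILE has the shape iptables-restore
# expects (a *filter table header, a COMMIT line, no pasted shell prompts).
check_saved_ruleset() {
    f="$1"
    [ -s "$f" ] || { echo "check: $f is empty or missing" >&2; return 1; }
    grep -q '^\*filter' "$f" || { echo "check: no *filter table in $f" >&2; return 1; }
    grep -q '^COMMIT' "$f" || { echo "check: no COMMIT line in $f" >&2; return 1; }
    # A "$ sudo ..." or "# sudo ..." line means a prompt was pasted in by hand;
    # iptables-restore would refuse the whole file because of it.
    if grep -q '^[$#] *sudo ' "$f"; then
        echo "check: shell prompt copied into $f" >&2; return 1
    fi
    # iptables-restore --test parses the file without loading it; opt in with
    # RESTORE_TEST=1 on a host where iptables is installed.
    if [ "${RESTORE_TEST:-0}" = "1" ]; then
        iptables-restore --test "$f" || return 1
    fi
    return 0
}

# save_rules: the article's step 3 plus the check, so a broken file is
# reported at save time rather than discovered after a reboot.
save_rules() {
    iptables-save > "$RULES_FILE" && check_saved_ruleset "$RULES_FILE"
}

# Demonstrate the check on the constructed sample written to a temp file.
demo_check() {
    tmp=$(mktemp) || return 1
    printf '%s\n' "$SAMPLE_SAVE" > "$tmp"
    check_saved_ruleset "$tmp"
    status=$?
    rm -f "$tmp"
    return $status
}

if demo_check; then
    echo "sample ruleset file looks loadable"
fi
```

On a real host, `sudo sh -c '. ./save.sh; save_rules'` replaces the article's bare iptables-save redirect, and `RESTORE_TEST=1` adds the parse check that iptables itself offers.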


Finally, here are the commands to disable iptables on your system: flush all rules, then save the empty ruleset to the same file so that the old rules are not restored at the next reboot.

$ sudo iptables -F
$ sudo /sbin/iptables-save > /etc/iptables.conf

As you can see, iptables is a very powerful tool to secure your server from unwanted traffic.