25 Useful IPtable Firewall Rules Every Linux Administrator Should Know

Marin Todorov

I am a bachelor in computer science and a Linux Foundation Certified System Administrator. Currently working as a Senior Technical support in the hosting industry. In my free time I like testing new software and inline skating.

4 Responses

  1. chanuka says:

    Really needful

  2. cybernard says:

    Step 21: Instead of having 2 potentially long blocks
    iptables -I INPUT -d SITE -p tcp -m multiport --dports 21,25,110,143,465,587,993,995 -j DROP
    use this instead
    iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -I INPUT -d SITE -p tcp -m multiport ! --dports 80,443 -j DROP

    This teaches the allow only what is required principle instead of a long blacklist.

  3. Wodin says:

    You don’t want to block ALL incoming ICMP. If you just want to block PING requests, then you need to block ICMP echo requests like this:
    iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

  4. me says:

    For black/white lists, banning IP, you should teach people IPSET as it is way more efficient. Blocking with iptables doesn’t scale well, and at approx 2000 blocks (depending on your CPU) your CPU utilization will go through the roof.
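
The ipset approach recommended in the last comment, as an added example that is not part of the original article or comments: a block list is loaded into one kernel set and matched by a single iptables rule instead of one rule per address. The set name `blocklist`, the helper `build_ipset_restore` and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: turn a list of addresses into `ipset restore` input.
# Set name and sample addresses are constructed for illustration.

# Reads one IPv4 address or CIDR per line on stdin. Blank lines, comments,
# malformed entries and duplicates are dropped, so a bad feed line cannot
# abort the load or insert an unintended range (a /0 prefix is rejected).
build_ipset_restore() {
    awk -v name="$1" '
        function valid(entry,    parts, n, octets, i) {
            n = split(entry, parts, "/")
            if (n > 2) return 0
            if (n == 2) {
                if (parts[2] !~ /^[0-9]+$/) return 0
                if (parts[2] + 0 < 1 || parts[2] + 0 > 32) return 0
            }
            if (split(parts[1], octets, ".") != 4) return 0
            for (i = 1; i <= 4; i++) {
                if (octets[i] !~ /^[0-9]+$/) return 0
                if (octets[i] + 0 > 255) return 0
            }
            return 1
        }
        BEGIN { print "create " name " hash:net family inet" }
        {
            sub(/#.*/, "")           # strip comments
            gsub(/[ \t\r]/, "")      # strip whitespace
            if ($0 == "") next
            if (!valid($0)) { print "skipped: " $0 > "/dev/stderr"; next }
            if (!seen[$0]++) print "add " name " " $0
        }'
}

# Constructed sample feed (documentation address ranges).
printf '%s\n' '192.0.2.10' '198.51.100.0/24' '# note' \
    '192.0.2.10' '203.0.113.999' | build_ipset_restore blocklist

# Loading the set and referencing it from ONE rule (run as root):
#   build_ipset_restore blocklist < addrs.txt | ipset -exist restore
#   iptables -I INPUT -m set --match-set blocklist src -j DROP
```

Adding or removing an address later is an `ipset add` or `ipset del` on the set; the iptables rule itself does not change.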
