iptables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different Netfilter modules) and the chains and rules it stores.

 

Exact meaning of an option which are used in iptable command:
A – All source
I – INPUT
s – Source
j – jump on

Procedure:

For Example: If you want to check IP 192.99.204.1 is blocked or not then fire command


iptables -nL | grep 192.99.204.1

You can see the result as below

DROP all — 192.99.204.1 0.0.0.0/0
DROP all — 0.0.0.0/0 192.99.204.1
 
Which means IP is blockedTo unblock that IP address use following command:


iptables -I INPUT -s 192.99.204.1 -j ACCEPT
 
To Block back an IP Address:
 
iptables -A INPUT -d 192.99.204.1 -j DROP

After adding or removing ips from iptables you need to save iptable rule using following command.
service iptables save
 
service iptables restart
 
To allow PORT in iptables you have to follow below commands Exact meaning of an options which uses in the command
=====================================
p – protocol

dport – destination port
j – jump on
=====================================

iptables -I INPUT -p tcp –dport 2082 -j ACCEPTiptables -I INPUT -p udp –dport 2082 -j ACCEPT

iptables -I OUTPUT -p tcp –dport 2082 -j ACCEPT

iptables -I OUTPUT -p udp –dport 2082 -j ACCEPT

To drop (block) port in iptables you have to follow below commands:

iptables -I INPUT -p tcp –dport 2082 -j DROP

iptables -I INPUT -p udp –dport 2082 -j DROP

iptables -I OUTPUT -p tcp –dport 2082 -j DROP

iptables -I OUTPUT -p udp –dport 2082 -j DROP

After adding or removing iptables you need to save iptable rule using following command.

  • service iptables save
  • service iptables restart
To enable range of port in iptables

 
iptables -A INPUT -p tcp –destination-port 1568:1570 -j ACCEPTiptables -A OUTPUT -p tcp –source-port 1568:1570 -j ACCEPT

 
  • service iptables save

  • service iptables restart