firewall

Articles in our magazine for firewall:

Firewall and secure servers

How do you secure a server? There are many ways, but most of them involve the use of firewalls. In this small tutorial we show the use of iptables.

List of commands for firewall:

  • firewall:iptables:interface:allow:name Allow incoming traffic from a specific network interface.
    $ sudo iptables -A INPUT -i ${interface_name} -j ACCEPT
  • firewall:iptables:interface:block:name Block incoming traffic from a specific network interface.
    $ sudo iptables -A INPUT -i ${interface_name} -j DROP
  • firewall:iptables:ip-address:allow:address Allow incoming traffic from specific IP addresses.
    $ sudo iptables -A INPUT -s ${ip_address} -j ACCEPT
  • firewall:iptables:ip-address:allow:destination-address Allow outgoing traffic to a specific IP address.
    $ sudo iptables -A OUTPUT -d ${ip_address} -j ACCEPT
  • firewall:iptables:ip-address:block:address Block incoming traffic from specific IP addresses.
    $ sudo iptables -A INPUT -s ${ip_address} -j DROP
  • firewall:iptables:ip-address:block:destination-address Block outgoing traffic to a specific IP address.
    $ sudo iptables -A OUTPUT -d ${ip_address} -j DROP
  • firewall:iptables:outgoing:allow Allow outgoing traffic.
    $ sudo iptables -P OUTPUT ACCEPT
  • firewall:iptables:outgoing:block-all Block all incoming traffic by default (sets the INPUT chain policy to DROP).
    $ sudo iptables -P INPUT DROP
  • firewall:iptables:ports:allow:port Allow incoming traffic on a port.
    $ sudo iptables -A INPUT -p tcp --dport ${port_number} -j ACCEPT
  • firewall:iptables:ports:allow:port-range Block traffic on a specific port range.
    $ sudo iptables -A INPUT -p tcp --dport ${starting_port_number}:${ending_port_number} -j DROP
  • firewall:iptables:ports:block:port Block a port from incoming traffic.
    $ sudo iptables -A INPUT -p tcp --dport ${port_number} -j DROP
  • firewall:iptables:protocol:allow:name Allow incoming traffic for a specific protocol.
    $ sudo iptables -A INPUT -p ${protocol_name} -j ACCEPT
  • firewall:iptables:protocol:block:name Block incoming traffic for a specific protocol.
    $ sudo iptables -A INPUT -p ${protocol_name} -j DROP