Controlling System Access with IPTables

There might be times when you want to control outgoing or incoming traffic on a Linux machine. iptables is the answer to that.

To check the current rules:

sudo iptables -L

To add a rule:

iptables -A OUTPUT -p tcp --dport 8000 -j DROP

Let's get into the details:

iptables: command

-A: append the rule to a chain

OUTPUT: the chain the rule applies to, OUTPUT (outgoing) or INPUT (incoming)

-p: protocol, tcp or udp

--dport: destination port number (8000 here)

-j: the target, DROP or ACCEPT

So the above command tells the system not to allow any outgoing TCP traffic to port 8000.

iptables -A OUTPUT -p tcp --dport 1935 -s 1.2.1.0 -j ACCEPT

-s: source address

-d: destination address

The above rule allows outgoing packets on port 1935 for a specific IP. Note that -s matches the packet's source address; to match the destination IP of outgoing traffic, use -d instead.

If we have a CentOS-based system, rules added on the command line are lost on reboot; the persistent rules live in a file.

Edit the rules:

sudo vi /etc/sysconfig/iptables

Restart the service:

sudo /etc/init.d/iptables restart
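The following is an added example, not part of the original post: a small shell script that turns the two rules above into plain words (the same flag-by-flag breakdown the post gives) and prints them in the iptables-save format that /etc/sysconfig/iptables expects. It only builds text, so it runs without root and without touching the live firewall.

```shell
# Added example (not the post's own): explain the post's rules in words and
# emit them in the iptables-save format /etc/sysconfig/iptables expects.
# Nothing is applied, so no root is needed.

# explain_rule "<rule arguments>": print one line saying what the rule does.
explain_rule() {
    chain=""; proto="any"; dport=""; src=""; dst=""; target=""
    set -- $1   # split the rule string into its arguments
    while [ $# -gt 0 ]; do
        case "$1" in
            -A) chain="$2"; shift ;;   -p) proto="$2"; shift ;;
            --dport) dport="$2"; shift ;;
            -s) src="$2"; shift ;;     -d) dst="$2"; shift ;;
            -j) target="$2"; shift ;;
        esac
        shift
    done
    case "$chain" in
        OUTPUT) dir="outgoing" ;;  INPUT) dir="incoming" ;;
        *) echo "unsupported chain: $chain" >&2; return 1 ;;
    esac
    case "$target" in
        ACCEPT) verb="allow" ;;  DROP) verb="drop" ;;
        *) echo "unsupported target: $target" >&2; return 1 ;;
    esac
    # --dport only works with a protocol that has ports; iptables rejects it otherwise
    if [ -n "$dport" ] && [ "$proto" = any ]; then echo "--dport needs -p tcp or -p udp" >&2; return 1; fi
    msg="$verb $dir $proto traffic"
    if [ -n "$dport" ]; then msg="$msg to port $dport"; fi
    if [ -n "$src" ]; then msg="$msg from source $src"; fi
    if [ -n "$dst" ]; then msg="$msg to destination $dst"; fi
    echo "$msg"
}

# rules_file RULE...: print the rules as iptables-save writes them, ready for
# /etc/sysconfig/iptables. iptables uses the first matching rule, so the
# narrow ACCEPT must come before the broad DROP.
rules_file() {
    printf '*filter\n:INPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\n'
    for r in "$@"; do printf '%s\n' "$r"; done
    printf 'COMMIT\n'
}

RULE_ALLOW='-A OUTPUT -p tcp --dport 1935 -s 1.2.1.0 -j ACCEPT'
RULE_DROP='-A OUTPUT -p tcp --dport 8000 -j DROP'

explain_rule "$RULE_ALLOW"
explain_rule "$RULE_DROP"
rules_file "$RULE_ALLOW" "$RULE_DROP"
```

The printed block can be saved to /etc/sysconfig/iptables and loaded with the restart shown above.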