This article is part of our ongoing Linux IPTables series. When your IPTables rules are not behaving as expected, logging the packets the firewall drops is the quickest way to find out why: each log line records the interface, source, destination, protocol and port of the dropped packet. This article explains how to log both incoming and outgoing dropped firewall packets.
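As an added example (not part of the original article), the script below shows one way to do this: instead of ending INPUT and OUTPUT with a bare DROP, both chains jump to a user-defined LOGGING chain that rate-limits, logs with a recognisable prefix and then drops. A second function summarizes the resulting kernel log lines so you can see at a glance what is being dropped and in which direction. The chain name, log prefix, rate limit and the sample log lines are all assumptions constructed for this example.

```sh
#!/bin/sh
# Added example: log dropped packets (both directions) via a LOGGING chain,
# then summarize the kernel log lines it produces. Chain name, prefix, rate
# limit and the sample log lines below are assumptions made for this example.
IPT=${IPT:-iptables}
LOG_PREFIX="IPTables-Dropped: "

# Replace the final "-j DROP" in INPUT and OUTPUT with a jump to a chain that
# logs first. The limit match keeps a flood of dropped packets from filling
# the log (and the disk) while still showing what is being dropped.
logging_rules() {
    $IPT -N LOGGING
    $IPT -A INPUT  -j LOGGING
    $IPT -A OUTPUT -j LOGGING
    $IPT -A LOGGING -m limit --limit 2/min --limit-burst 10 \
         -j LOG --log-prefix "$LOG_PREFIX" --log-level 4
    $IPT -A LOGGING -j DROP
}

# Summarize LOG lines read on stdin (e.g. from "dmesg" or /var/log/messages):
# count dropped packets per direction, source, destination and protocol/port.
# Lines without the prefix (other kernel or daemon messages) are ignored.
summarize_drops() {
    awk -v prefix="$LOG_PREFIX" 'index($0, prefix) {
        in_if = ""; out_if = ""; src = "?"; dst = "?"; proto = "?"; dpt = "-"
        for (i = 1; i <= NF; i++) {
            n = split($i, kv, "=")
            if (n < 2) continue
            if (kv[1] == "IN") in_if = kv[2]
            else if (kv[1] == "OUT") out_if = kv[2]
            else if (kv[1] == "SRC") src = kv[2]
            else if (kv[1] == "DST") dst = kv[2]
            else if (kv[1] == "PROTO") proto = kv[2]
            else if (kv[1] == "DPT") dpt = kv[2]
        }
        # An incoming drop has IN set and OUT empty; an outgoing drop the reverse.
        dir = (in_if != "") ? "in:" in_if : "out:" out_if
        count[dir " " src " -> " dst " " proto "/" dpt]++
    }
    END { for (k in count) printf "%d %s\n", count[k], k }' | sort -rn
}

# Constructed sample: two telnet attempts dropped on INPUT, one outgoing DNS
# query dropped on OUTPUT, and an unrelated sshd line that must be ignored.
SAMPLE_LOG='Jun 14 10:00:01 web1 kernel: IPTables-Dropped: IN=eth0 OUT= MAC=00:0c:29:ab:cd:ef:00:50:56:c0:00:08:08:00 SRC=10.0.0.5 DST=10.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=12345 DF PROTO=TCP SPT=50321 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
Jun 14 10:00:03 web1 kernel: IPTables-Dropped: IN=eth0 OUT= MAC=00:0c:29:ab:cd:ef:00:50:56:c0:00:08:08:00 SRC=10.0.0.5 DST=10.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=12346 DF PROTO=TCP SPT=50322 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
Jun 14 10:00:07 web1 kernel: IPTables-Dropped: IN= OUT=eth0 SRC=10.0.0.1 DST=192.0.2.53 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=777 DF PROTO=UDP SPT=41234 DPT=53 LEN=48
Jun 14 10:00:09 web1 sshd[1234]: Accepted publickey for admin from 10.0.0.9 port 51000 ssh2'

case "${1:-}" in
    apply)   logging_rules ;;                         # needs root
    dry-run) IPT="echo iptables"; logging_rules ;;    # print the rules only
    *)       printf '%s\n' "$SAMPLE_LOG" | summarize_drops ;;
esac
```

Running the script with no argument summarizes the constructed sample (two drops from 10.0.0.5 to TCP/23 inbound, one outbound UDP/53 drop); on a real host use `dmesg | sh logdrops.sh` style piping into `summarize_drops`, or point it at the syslog file that receives kernel messages. Remember that the LOGGING chain must be the last thing INPUT and OUTPUT jump to, and that `-j LOG` on its own does not drop: the explicit `-j DROP` after it is what actually blocks the packet.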

25 Most Frequently Used Linux IPTables Rules Examples

by Ramesh Natarajan on June 14, 2011

At first glance, IPTables rules might look cryptic.

In this article, I’ve given 25 practical IPTables rules that you can copy/paste and adapt to your needs.

These examples act as basic templates that you can tweak to suit your specific requirements.

For easy reference, all these 25 iptables rules are in shell script format: iptables-rules

In our previous IPTables firewall series article, we reviewed how to add a firewall rule using “iptables -A”.

We also explained how to allow incoming SSH connections. At a high level, it involves the following 3 steps.

  1. Delete all existing rules: “iptables -F”
  2. Allow only incoming SSH: “iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT”
  3. Drop all other incoming packets: “iptables -A INPUT -j DROP”

The above works, but it is not complete. It does not restrict outgoing packets at all, and because nothing accepts ESTABLISHED traffic, step 3 also drops the replies to any connection the host itself initiates (a DNS answer, for example).

This article explains how to add iptables firewall rules using the “iptables -A” (append) command.

“-A” is for append. If it is easier for you to remember “-A” as add-rule instead of append-rule, that is fine. But keep in mind that “-A” adds the rule at the end of the chain. iptables evaluates a chain from top to bottom and stops at the first matching terminating target, so a rule appended after a final “-j DROP” is never reached. To put a rule at the top of a chain (or at a specific position) use “-I” (insert) instead, for example “iptables -I INPUT 1 <rule>”.

On Red Hat based Linux distributions, iptables comes with a set of default rules (loaded at boot from /etc/sysconfig/iptables). It is a good idea to clean them up and start from scratch.

This article is part of an ongoing iptables tutorial series. This is the 2nd article in that series. In the 1st part, we discussed IPTables tables, chains and rules fundamentals.

Before we start learning how to add firewall rules using iptables, it is helpful to understand how to clean up all the existing default rules and start from scratch.

The iptables firewall is used to manage packet filtering and NAT rules. IPTables is available on essentially every Linux distribution. Understanding how to set up and configure iptables will help you manage your Linux firewall effectively.

The iptables tool is used to manage the Linux firewall rules. At first glance, iptables might look complex (or even confusing). But once you understand the basics of how iptables works and how it is structured, reading and writing iptables firewall rules becomes easy.

This article is part of an ongoing iptables tutorial series. This is the 1st article in that series.

This article explains how iptables is structured, and explains the fundamentals about iptables tables, chains and rules.


Question: How do I view all the current iptables rules? Once I view it, is there a way to delete all the current rules and start from scratch?

Answer: Use the iptables list option (“iptables -L”) to view the current rules, and the flush option (“iptables -F”) to delete them. Adding “-n -v --line-numbers” to the listing shows numeric addresses, packet and byte counters and the position of each rule. Both operations require root privileges.
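An added example (not from the original page) that does both, for every table rather than just filter. The order in reset_firewall matters: the default policies are set back to ACCEPT before anything is flushed, because flushing a chain whose policy is DROP leaves that policy in force and will cut off an SSH session to the box. The function names are assumptions for the example; with IPT set to “echo iptables” the script prints what it would run instead of running it.

```sh
#!/bin/sh
# Added example: list every iptables rule, and reset the firewall to a clean
# slate safely. Function names are assumptions made for this example.
IPT=${IPT:-iptables}
TABLES="filter nat mangle raw"

# Show every rule with packet/byte counters and rule numbers, in all tables.
# "iptables -L" alone only shows the filter table, so NAT rules are easy to miss.
list_all() {
    for table in $TABLES; do
        echo "### table: $table"
        $IPT -t "$table" -L -n -v --line-numbers
    done
}

# Reset to a clean slate. Open the default policies FIRST so that flushing a
# DROP-policy firewall over SSH does not drop the session, then flush the
# rules (-F), delete user-defined chains (-X) and zero the counters (-Z) in
# every table.
reset_firewall() {
    for chain in INPUT FORWARD OUTPUT; do
        $IPT -P "$chain" ACCEPT
    done
    for table in $TABLES; do
        $IPT -t "$table" -F
        $IPT -t "$table" -X
        $IPT -t "$table" -Z
    done
}

case "${1:-}" in
    list)    list_all ;;                              # needs root
    reset)   reset_firewall && list_all ;;            # needs root
    dry-run) IPT="echo iptables"; reset_firewall ;;   # print, do not apply
esac
```

`sh fwreset.sh dry-run` prints the fifteen commands in the order they would run; `sudo sh fwreset.sh reset` executes them and then lists the (now empty) chains so you can confirm only the three built-in chains with policy ACCEPT remain.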


Fail2ban scans the log files of various services (SSH, FTP, SMTP, Apache, etc.) and bans IP addresses that produce too many authentication failures, by adding firewall rules that reject further traffic from them.

Fail2ban is an intrusion prevention framework written in the Python programming language.

The main purpose of Fail2ban is to prevent brute-force login attacks.