{"id":1778,"date":"2018-01-20T15:53:58","date_gmt":"2018-01-20T15:53:58","guid":{"rendered":"http:\/\/www.incredigeek.com\/home\/?p=1778"},"modified":"2018-01-20T15:57:55","modified_gmt":"2018-01-20T15:57:55","slug":"add-and-delete-iptable-rules","status":"publish","type":"post","link":"https:\/\/www.incredigeek.com\/home\/add-and-delete-iptable-rules\/","title":{"rendered":"Add, List, and Delete iptable rules"},"content":{"rendered":"<p><strong>Add iptable rule<\/strong><\/p>\n<p>The following rule rejects access to port 22 on all devices except ones on the 192.168.1.0\/24 network.\u00a0 Note the &#8220;!&#8221;.\u00a0 This command can be useful for a WHM\/cPanel server to limit ssh access.<\/p>\n<pre>iptables -A INPUT ! -s 192.168.1.0\/24 -p tcp --dport 22 -j REJECT<\/pre>\n<p><strong>List iptable rules with line numbers<\/strong><\/p>\n<pre>iptables -L --line-numbers<\/pre>\n<p>Example output<\/p>\n<pre>root@localhost [~]# iptables -L --line-numbers\r\nChain INPUT (policy ACCEPT)Chain OUTPUT (policy ACCEPT)\r\nnum target prot opt source destination\r\n1 REJECT tcp -- !192.168.1.11 anywhere tcp dpt:ssh reject-with icmp-port-unreachable\r\n\r\nChain FORWARD (policy ACCEPT)\r\nnum target prot opt source destination\r\n\r\nChain OUTPUT (policy ACCEPT)\r\nnum target prot opt source destination\r\n1 ACCEPT tcp -- anywhere anywhere multiport dports smtp,urd,submission owner GID match mailman\r\n2 cpanel-dovecot-solr all -- anywhere anywhere\r\n\r\nChain cpanel-dovecot-solr (1 references)\r\nnum target prot opt source destination\r\n1 ACCEPT tcp -- anywhere anywhere multiport sports 8984,7984 owner UID match cpanelsolr\r\n<\/pre>\n<p><strong>Remove iptable rule<\/strong><\/p>\n<p>To delete a rule use the -D option with the Chain and the line number.\u00a0 So to delete the first rule in the example output above, we would specify the INPUT chain and the the line number 1<\/p>\n<pre> iptables -D INPUT 1<\/pre>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Add iptable rule The following rule rejects access to port 22 on all devices except ones on the 192.168.1.0\/24 network.\u00a0 Note the &#8220;!&#8221;.\u00a0 This command can be useful for a WHM\/cPanel server to limit ssh access. iptables -A INPUT ! &hellip; <a href=\"https:\/\/www.incredigeek.com\/home\/add-and-delete-iptable-rules\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,3],"tags":[8,196,381,15,7,382],"class_list":["post-1778","post","type-post","status-publish","format-standard","hentry","category-command-line","category-linux","tag-command-line-2","tag-cpanel-2","tag-iptable","tag-iptables","tag-linux-2","tag-whm"],"_links":{"self":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/1778","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/comments?post=1778"}],"version-history":[{"count":5,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/1778\/revisions"}],"predecessor-version":[{"id":1783,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/posts\/1778\/revisions\/1783"}],"wp:attachment":[{"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/media?parent=1778"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/categories?post=1778"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.incredigeek.com\/home\/wp-json\/wp\/v2\/tags?post=1778"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}