Unix Iptables cheat-sheet

Common iptables commands.


You should be logged in to a Linux-based system.


Restart iptables service

service iptables restart

List all iptables Rules

To list all currently applied iptables rules, use the following operation at the system shell.

iptables -L

Flush all iptables Rules

If you make a configuration mistake when entering iptables rules or simply need to revert to the default rule set, you can use the following operation at the system shell to flush all rules:

iptables -F

Change Default Policy to DROP

The default policy for iptables chains is to allow all traffic. After completing all iptables configuration changes, you must change the default policy to DROP so that all traffic that isn't explicitly allowed cannot reach components of the MongoDB deployment. Issue the following commands to change this policy:

iptables -P INPUT DROP
iptables -P OUTPUT DROP
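
The check below is an added example, not part of the original cheat sheet. It reads `iptables -S` output and flags built-in chains that are still default-allow, and chains set to DROP with no ACCEPT rule at all (which block everything, including the session you are logged in on). The function names, verdict labels and sample rule set are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit default policies from `iptables -S` output.
# audit_policies reads the rule listing on stdin and prints one line per
# built-in chain: "<chain> <policy> <accept-rule-count> <verdict>".
#   DEFAULT-ALLOW  policy is not DROP, unmatched traffic is allowed
#   BLOCKS-ALL     policy is DROP and the chain has no ACCEPT rule
#   OK             policy is DROP and at least one ACCEPT rule exists
audit_policies() {
    awk '
        # "-P CHAIN POLICY" lines carry the default policy of a chain.
        $1 == "-P" { policy[$2] = $3; order[++n] = $2 }
        # "-A CHAIN ... -j ACCEPT" lines are explicit allow rules.
        $1 == "-A" {
            for (i = 3; i < NF; i++)
                if ($i == "-j" && $(i + 1) == "ACCEPT") accepts[$2]++
        }
        END {
            for (k = 1; k <= n; k++) {
                c = order[k]; a = accepts[c] + 0
                if (policy[c] != "DROP") v = "DEFAULT-ALLOW"
                else if (a == 0)         v = "BLOCKS-ALL"
                else                     v = "OK"
                print c, policy[c], a, v
            }
        }'
}

# Constructed sample of `iptables -S` output (not taken from a real host):
# INPUT and OUTPUT were switched to DROP, but only INPUT has allow rules.
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

sample_rules | audit_policies
# On a live host, run as root: iptables -S | audit_policies
```

Running the same check against the rule set you intend to load, before changing the policy, shows whether the OUTPUT chain has the allow rules it needs once it defaults to DROP.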

Make all iptables Rules Persistent

By default, all iptables rules are stored only in memory. When your system restarts, your firewall rules will revert to their defaults. Once you have tested a rule set and confirmed that it effectively controls traffic, you should make the rule set persistent. On Red Hat Enterprise Linux, Fedora Linux, and related distributions you can issue the following command:

service iptables save



Version History

Date Description
2015-08-15    Initial Version
2016-03-04    Added “Create Branch commands”