iptables is the user-space tool for configuring the packet-filtering firewall built into the Linux kernel (netfilter). By default no rules are set and the built-in chains use the ACCEPT policy, so the firewall lets all connections through. This guide covers the basics of working with iptables.
An iptables based firewall is made of three basic “objects”:
Rules
Chains
Tables
Rules:
The lowest level objects are the “rules”, which perform the actual packet filtering or manipulation. A rule consists of match criteria (source address, protocol, destination port, and so on) and a target such as ACCEPT or DROP that is applied to packets that match.
Chains:
Rules are organized in “chains”, which are simple ordered lists of rules. A packet is checked against the rules of a chain from top to bottom, and the first matching rule with a terminating target (ACCEPT, DROP, REJECT) decides what happens to it; if no rule matches, the chain's default policy applies. There are some built-in chains that are always available, like the INPUT and OUTPUT chains in the filter table.
Tables:
Because iptables rules can both filter and manipulate the packets that pass through them, the chains themselves are organized in so called “tables”. Each table has its own set of built-in chains that are available for direct use.
To list all current iptables rules (only the filter table is shown unless another table is selected with -t; add -n to skip DNS lookups and --line-numbers to see each rule's position in its chain):
# iptables -L
To flush/clear all current firewall rules (this removes the rules but leaves the chains' default policies unchanged, so with the default ACCEPT policy all traffic is allowed afterwards):
# iptables -F
To stop/disable iptables temporarily (on RHEL/CentOS style systems “save” writes the current rules to /etc/sysconfig/iptables so they can be restored later, and “stop” flushes the rules):
# service iptables save
# service iptables stop
To restart the iptables service:
# service iptables restart
or
# /etc/rc.d/init.d/iptables restart
Blocking a Single IP Address
E.g. 192.20.10.10 (an example address):
/sbin/iptables -I INPUT -s 192.20.10.10 -j DROP
-I inserts the rule at the top of the INPUT chain, so it is evaluated before any existing ACCEPT rule that might otherwise let the host through.
Allowing All Traffic from an IP Address
/sbin/iptables -A INPUT -s 192.20.10.10 -j ACCEPT
-A appends the rule at the end of the chain. Because the first matching rule wins, this ACCEPT has no effect if a DROP for the same source already sits above it.
Blocking a Port From All Addresses
/sbin/iptables -A INPUT -p tcp --dport 3306 -j DROP
Allowing a Single Port from a Single IP
/sbin/iptables -A INPUT -p tcp -s 192.20.10.10 --dport 3306 -j ACCEPT
To allow one host and block everyone else on port 3306, add the ACCEPT rule first and the DROP rule after it; appended in the other order, the DROP matches first and the ACCEPT is never reached.
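The ordering points above, as an added example that is not part of the original post: a small POSIX shell script that builds the INPUT chain in a deliberate order. The blocked host (192.20.10.10) and the database client (10.0.0.5) are constructed placeholders, and with DRY_RUN=1 the script prints the commands instead of running them, so the order can be checked without root.

```shell
#!/bin/sh
# Added example, not from the original post. Builds the INPUT chain in a
# deliberate order: iptables evaluates a chain top-down and the first
# terminating match decides, so placement of DROP vs ACCEPT matters.
# Constructed placeholder addresses:
#   BLOCKED_IP - host dropped entirely (the post's 192.20.10.10 example)
#   DB_CLIENT  - the only host allowed to reach MySQL on tcp/3306
# Set DRY_RUN=1 to print the commands instead of executing them.
BLOCKED_IP="${BLOCKED_IP:-192.20.10.10}"
DB_CLIENT="${DB_CLIENT:-10.0.0.5}"

ipt() {
    # With DRY_RUN set, prefix the command with "echo" so it is shown, not run.
    ${DRY_RUN:+echo} iptables "$@"
}

build_input_chain() {
    ipt -F INPUT                                  # start from a clean chain
    ipt -A INPUT -i lo -j ACCEPT                  # local traffic is always fine
    ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # The block must sit above any ACCEPT that could match the same source,
    # so insert it at position 1 (-I) rather than appending it (-A).
    ipt -I INPUT 1 -s "$BLOCKED_IP" -j DROP
    # Allow one client to reach MySQL, then drop the port for everyone else.
    # The ACCEPT must come before the broad DROP or it is never evaluated.
    ipt -A INPUT -p tcp -s "$DB_CLIENT" --dport 3306 -j ACCEPT
    ipt -A INPUT -p tcp --dport 3306 -j DROP
}

# Show the resulting chain with rule positions so the order can be verified.
show_input_chain() {
    ipt -L INPUT -n -v --line-numbers
}

if [ "${1:-}" = "apply" ]; then
    build_input_chain
    show_input_chain
fi
```

Preview with `DRY_RUN=1 sh firewall.sh apply`; run as root without DRY_RUN to apply the rules.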