iptables - administration tool for IPv4 packet filtering and NAT.
Show all iptables rules
iptables -L
Show all iptables rules without DNS name resolution
iptables -L -n
Show the number of packets matched by each rule
iptables -L -n -v
Show only specific chain (INPUT)
iptables -L INPUT -n
Delete existing rules (for all chains)
iptables -F
Set default chain policies
iptables -P FORWARD DROP
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
Block a specific source IP address
iptables -A INPUT -s 192.168.0.123 -j DROP
Block a specific destination IP address
iptables -A FORWARD -d 192.168.0.10 -j DROP
Accept ICMP (ping) packets
iptables -A INPUT -p icmp -j ACCEPT
Block a specific port (--dport requires a protocol match such as -p tcp)
iptables -A INPUT -p tcp --dport 80 -j DROP
Block a specific protocol
iptables -A INPUT -p udp -j DROP
Block a network interface (NIC)
iptables -A INPUT -i eth1 -j DROP
Block a specific MAC address
iptables -A INPUT -m mac --mac-source 00:1F:DA:11:40:18 -j DROP
Block a range of ports
iptables -A INPUT -p tcp --dport 6000:6050 -j DROP
Block a range of IP addresses
iptables -A INPUT -p tcp -m iprange --src-range 192.168.1.100-192.168.1.150 -j DROP