Commands useful for debugging iptables

Table of Contents

Commands useful for debugging iptables


It is a very popular utility firewall. With this tool, firewall rules can be configured quickly for enhanced security. You can use these commands to debug IP tables, which we will cover in this tutorial.


Let’s start,


1. To view the current firewall rules:

iptables -L -v



2. You can temporarily disable the firewall by flushing all rules. Use this command.


sudo iptables -P INPUT ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -F


3. If you want to block everything, drop all packets on all chains. Execute the following command.




sudo iptables -P INPUT DROP
sudo iptables -P OUTPUT DROP
sudo iptables -P FORWARD DROP



Here’s an example of allowing SSH, HTTP, and HTTPS access.



Step 1: The INPUT chain should include the following rule:



sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

If you wish, you can add the following rule to the INPUT chain: Drop everything else; use the following command.

sudo iptables -A INPUT -j DROP


We hope this tutorial is informative for you!



Get the most out of learning


How to Install fkill on Linux Systems

iptables is a firewall utility in Linux operating systems that allows you to configure rules to control network traffic. It is used to protect a server from unwanted traffic and malicious attacks.

Some common issues when using iptables include accidentally blocking desired traffic, allowing unwanted traffic, or experiencing slow network speeds due to improperly configured rules.

You can use the command iptables -L -n to check the current rules set in iptables.

You can use the command systemctl status iptables to check if iptables is running.

To troubleshoot iptables, you can start by checking the logs using the command tail -f /var/log/messages or journalctl -u iptables. You can also use the iptables-save instruction to save the current ruleset to a file and examine it for errors. Additionally, you can use the -v flag with iptables commands to get more verbose output and the -n flag to disable hostname resolution, which can speed up the process.

To reset iptables to its default settings, you can use the command iptables -F to flush all rules and then use the command iptables -P INPUT ACCEPT to set the default policy for the input chain to accept. You can also use the iptables-restore command to restore the default ruleset from a file.

Some best practices for debugging iptables include making small changes and testing them incrementally, documenting all changes made to the ruleset, and using the -w flag with the iptables-save command to ensure that the file is written atomically. Additionally, it is essential to understand the ruleset and how it affects network traffic.

Make a Comment
Share on
VPSie Cloud service

Unlock Your

20% Discount

The First 3 orders get 20% discount! Try Sign up on VPSie to get a chance to get the discount.