- All rules are processed from top to down. Once a rule is matched (with jump), the rest will be ignored.
- Never run iptables -F if the default rules are DROP or your system will be inaccessible. If possible, set the default rule to ACCEPT and add iptables -A INPUT -j DROP at the end.
List all rules
Flush all chains (-F) and delete all user-defined chains chains (-X)
Note: Please ensure the default policy is ACCEPT or leave a ssh terminal before issuing
Set default policy (use with care)
Block incoming ip address
Block outgoing sites
Allow ping from specific ips only
Allow ssh from specific ips only
Block incoming web access
Forward incoming connection to another internal host (aa.bb.cc.dd:22)