This is a subsystem for working with network packages, which passes through its filter all connections on the server. Let’s take a closer look at the IPTables configuration.
General information
IPTables is already built into the main Linux kernel by default, but the tools for working with it in many distributions are not available by default, so let’s use the command to install the utility.
Debian / Ubuntu
[sudo] apt install iptables
CentOS [Fedora]
sudo yum install iptables
Setting
After installing the utility, we will proceed to its detailed configuration.
Arguments
Opening port(s)
First, let’s check our list of rules:
iptables -L

Let’s try to open oneTCP-порт 80 for входящих соединений:
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
Let’s check the list again...

Now let’s try to open the UDP port range from 25565 to 25570 for outgoing connections:
iptables -t filter -A OUTPUT -p udp --dport 25565:25570 -j ACCEPT
Let’s check the result.

Want to close all inbound connections for TCP 250? No problem.
iptables -t filter -A INPUT -p tcp --dport 250 -m state --state ESTABLISHED -j DROP

Rule removal
Now try to remove the rule that allows inbound connections for TCP 80:
iptables -t filter -D INPUT -p tcp --dport 80 -j ACCEPT

Deletion of all rules
To do this, use the command
iptables -F

Preservation of established rules
By default, all the rules that have been created are applied until the next reboot and will be deleted during it. To avoid this, let’s save the IPTables rules that we created. To do this, use the appropriate command.
iptables-save

It worked. The rules are saved and will be active even after restarting our server!
Last updated