Inserting and Deleting Rules

1. Inserting rules:

Run the iptables command with the -S option to list all of the active iptables rules by specification:

sudo iptables -S

In order to create an exception for the connection between our web server and database server, we will once more be adding a rule to our TCP chain.You would add the rule in the following way if you wanted to restrict access based on the specific address in question:

Output:

2. Deleting Rules:

Run the following command to remove the rule that drops incoming invalid packets:

sudo iptables -L --line-numbers

We must include port 80 in our list of permitted traffic on the web server. We won’t limit the rule by interface or destination address because the server is listening on all possible addresses.

Output:

A system administrator can modify the IP packet filter rules of the Linux kernel firewall, which are implemented as various Netfilter modules, using the user-space utility application iptables. The filters are arranged in several tables, each of which has a set of rules on how to handle packets of network data. Using a set of programmable table rules, the Linux command line firewall Iptables enables system administrators to control both incoming and outgoing traffic. Iptables employ a collection of tables with chains that each contain a set of pre-configured or user-defined rules. A command-line firewall tool called iptables uses policy chains to allow or deny traffic. Iptables searches through its list of rules to find one that matches a connection that tries to establish itself on your system. In the absence of one, it falls back on the default course of action.