Iptables Cheatsheet

Firewall tool for controlling network traffic with precision

Updated at: March 2, 2025

Command Syntax

iptables is a command-line firewall utility that uses policy chains to allow or block traffic. Understanding the command syntax is essential for creating, modifying, and managing firewall rules in Linux systems.

Tables and Chains

Iptables organizes firewall rules into tables and chains. Tables categorize rules by function (filtering, NAT, etc.), while chains determine when rules are evaluated during packet processing. Understanding this structure is crucial for effective firewall configuration.

Packet Matching

Packet matching is the core functionality of iptables that determines which packets a rule applies to. By combining different matching criteria, you can create precise rules that target specific types of traffic based on protocols, addresses, ports, connection states, and more.

Connection Tracking

Connection tracking (conntrack) is a core feature of iptables that maintains information about the state of network connections. It enables stateful packet filtering, allowing the firewall to make decisions based on the context of connections rather than just individual packets.

Network Address Translation

Network Address Translation (NAT) allows modification of source or destination addresses in IP packets as they pass through a router or firewall. NAT is commonly used to share a single public IP among multiple devices, redirect traffic, or hide internal network structure.

Security Implementations

Iptables can be used to implement robust security measures for your system. This section covers common security configurations from basic firewall setups to advanced protection techniques against various types of attacks.

Advanced Features

Iptables offers sophisticated capabilities beyond basic packet filtering. These advanced features allow for deep packet inspection, time-based rules, traffic marking for QoS, comprehensive logging, and support for custom extensions.

Best Practices

Effective iptables implementation requires careful planning and maintenance. Following best practices ensures optimal security, performance, and reliability of your firewall configuration while minimizing disruption to network services.