As such, you will want to be sure that your firewall is allowing these connections. The loopback interface is also used if you configure your application server to connect to a database server with a localhost address. For example, if you run ping localhost or ping 127.0.0.1, your server will ping itself using the loopback. The loopback interface, also referred to as lo, is what a computer uses to forward network connections to itself. This section includes a variety of iptables commands that will create rules that are generally useful on most servers.
If you want to learn how to list and delete iptables rules, check out this tutorial: How To List and Delete Iptables Firewall Rules. Please refer to the relevant documentation for more information.
Other Linux distributions may have alternate ways of making your iptables changes permanent.
If you update your firewall rules and want to save the changes, run this command:
Install it with apt like this:ĭuring the installation, you will be asked if you want to save your current firewall rules. On Ubuntu, one way to save iptables rules is to use the iptables-persistent package. Iptables rules are ephemeral, which means they need to be manually saved for them to persist after a reboot. Let’s take a look at the iptables commands! Saving Rules Remember that you can check your current iptables ruleset with sudo iptables -S and sudo iptables -L. If your saved firewall rules allow SSH access, another method is to reboot your server. Once you are connected via the console, you can change your firewall rules to allow SSH access (or allow all traffic). If you’re using DigitalOcean, you can read our Recovery Console product documentation for more information. If you lose access due to your firewall settings, you may need to connect to it via a web-based console to fix your access. Note: When working with firewalls, take care not to lock yourself out of your own server by blocking SSH traffic (port 22, by default). If you want to put it somewhere else in the chain, you can use the -I option which allows you to specify the position of the new rule (or place it at the beginning of the chain by not specifying a rule number). All of these iptables commands use the -A option to append the new rule to the end of a chain. Keep in mind that the order of your rules matter. Copy and paste the command-line examples given, substituting the highlighted values with your own.Use the Contents menu on the right side of this page (at wide page widths) or your browser’s find function to locate the sections you need.Most sections are not predicated on any other, so you can use the examples below independently Use whichever subsequent sections are applicable to what you are trying to achieve.Most of the rules that are described here assume that your iptables is set to DROP incoming traffic, through the default input policy, and you want to selectively allow inbound traffic.This includes iptables examples of allowing and blocking various services by port, network interface, and source IP address. This cheat sheet-style guide provides a quick reference to iptables commands that will create firewall rules that are useful in common, everyday scenarios. Iptables is a software firewall for Linux distributions.