| 126 | |
| 127 | The output would be: |
| 128 | image |
| 129 | |
| 130 | '''2. Implementing an ACCEPT rule:''' |
| 131 | If you want to add rules for specific ports of your network, the following command can be used. |
| 132 | |
| 133 | '''Syntax:-''' |
| 134 | {{{ |
| 135 | sudo iptables -A/-I chain_name -s source_ip -p protocol_name --dport port_number -j Action_to_take |
| 136 | }}} |
| 137 | |
| 138 | '''-p protocol_name:-''' |
| 139 | This option matches packets that use the protocol protocol_name. |
| 140 | |
| 141 | '''--dport port_number:''' |
| 142 | This option is available only if you give the -p protocol_name option. It matches packets that are destined for the port “port_number”. |
| 143 | |
| 144 | '''Example:-'''[[BR]] |
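| 145 | Let’s say we want to keep our SSH port open (this guide assumes the default SSH port, 22) for 192.168.1.3, the source we blocked in the above case. That is, we only want to allow packets that come from 192.168.1.3 and are destined for port 22. iptables checks the rules of a chain in order and stops at the first match, so a rule appended with -A would land after the earlier DROP rule for this source and never match; -I inserts the rule at the top of the chain instead. |
| 146 | {{{ |
| 147 | sudo iptables -I INPUT -s 192.168.1.3 -p tcp --dport 22 -j ACCEPT |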
| 148 | }}} |
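
Rule order decides whether an ACCEPT rule like this one ever matches. The following is an added example, not part of the original guide and not iptables itself: a small Python model (the function names `apply_rule`, `verdict` and `ssh_verdict` are made up here) that parses rules in the syntax shown above and evaluates a packet first-match-wins. It assumes a DROP rule for 192.168.1.3 is already in the INPUT chain and a default policy of ACCEPT.

```python
import ipaddress
import shlex

OPTS = {"-s": "src", "-p": "proto", "--dport": "dport", "-j": "target"}

def apply_rule(chains, command):
    """Apply one 'iptables -A/-I CHAIN ...' command to an in-memory rule table."""
    args = shlex.split(command)
    op, chain, *rest = args[args.index("iptables") + 1:]
    if op not in ("-A", "-I"):
        raise ValueError(f"unsupported operation: {op}")
    rule = dict.fromkeys(OPTS.values())
    flags = iter(rest)
    for flag in flags:
        if flag not in OPTS:
            raise ValueError(f"unsupported option: {flag}")
        rule[OPTS[flag]] = next(flags)
    # Simplification: this model only knows port matching for tcp and udp.
    if rule["dport"] is not None and rule["proto"] not in ("tcp", "udp"):
        raise ValueError("--dport needs -p tcp or -p udp")
    if rule["target"] is None:
        raise ValueError("rule has no -j target")
    rules = chains.setdefault(chain, [])
    if op == "-A":
        rules.append(rule)       # -A: append to the end of the chain
    else:
        rules.insert(0, rule)    # -I without a rule number: insert at the top

def verdict(chains, chain, src, proto, dport, policy="ACCEPT"):
    """Return the target of the first matching rule, or the chain policy."""
    for rule in chains.get(chain, []):
        if rule["src"] and ipaddress.ip_address(src) not in ipaddress.ip_network(
                rule["src"], strict=False):
            continue
        if rule["proto"] and rule["proto"] != proto:
            continue
        if rule["dport"] and int(rule["dport"]) != dport:
            continue
        return rule["target"]
    return policy

def ssh_verdict(op):
    """Verdict for SSH from 192.168.1.3 when the ACCEPT rule is added with op."""
    chains = {}
    # Assumed earlier rule: the blanket DROP for this source.
    apply_rule(chains, "sudo iptables -A INPUT -s 192.168.1.3 -j DROP")
    apply_rule(chains, f"sudo iptables {op} INPUT -s 192.168.1.3 -p tcp --dport 22 -j ACCEPT")
    return verdict(chains, "INPUT", "192.168.1.3", "tcp", 22)

if __name__ == "__main__":
    for op in ("-A", "-I"):
        print(op, "->", ssh_verdict(op))
```

On a real system, `sudo iptables -L INPUT -n --line-numbers` shows the order in which the kernel will evaluate the rules.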