A simple iptables firewall script to block all ports except port 80 and give port 22 to certain IPs

👤 admin
📅 Created: 13 Feb 2021 at 17:36

This short script covers the basics of what you can do with the Linux iptables firewall.

Make a file:


pico /root/firewall.sh

Paste in the rules below and replace the IP addresses with your own.


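#!/bin/sh
iptables -P FORWARD DROP # we aren't a router
iptables -A INPUT -m state --state INVALID -j DROP # drop packets that belong to no known connection
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # allow replies to connections already open
iptables -A INPUT -i lo -j ACCEPT # allow loopback traffic
iptables -A INPUT -s 213.191.173.114 -j ACCEPT # trusted IP: all ports, including SSH on 22
iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT # trusted subnet: all ports, including SSH on 22
iptables -P INPUT DROP # Drop everything we don't accept
iptables -A INPUT -p tcp --dport 80 -j ACCEPT # HTTP is open to everyone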

Make it executable, for root only:


chmod 700 /root/firewall.sh

And run the script.


/root/firewall.sh

This was tested on Ubuntu 17.04. If the iptables binary is not found on your system, try calling it by its full path, /sbin/iptables.
You can list all the active iptables rules with the command:


iptables -nL
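
The title's goal, port 80 open to everyone and port 22 reachable only from chosen addresses, written as an iptables-restore ruleset so the whole table loads in one atomic step. This is an added example, not the original author's script; unlike the script above, which accepts every port from the trusted addresses, it limits them to port 22, and build_ruleset, valid_source and /root/firewall.rules are assumed names.

```shell
#!/bin/sh
# Added example: generate an iptables-restore ruleset instead of running
# iptables once per rule. valid_source and build_ruleset are hypothetical names.

# Shape check for an IPv4 address with optional /prefix. Anything containing
# characters other than digits, dots and a slash (spaces, newlines, shell
# metacharacters) is refused before it can reach a rule line.
# Out-of-range octets are left for iptables-restore --test to reject.
valid_source() {
    case "$1" in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# Usage: build_ruleset SOURCE [SOURCE...]
# Prints the ruleset on stdout. Returns 1 and prints no rules if a source
# is missing or malformed.
build_ruleset() {
    [ "$#" -gt 0 ] || return 1
    for src in "$@"; do
        valid_source "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'      # default policy: drop what is not accepted
    echo ':FORWARD DROP [0:0]'    # we aren't a router
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -m state --state INVALID -j DROP'
    echo '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
    echo '-A INPUT -i lo -j ACCEPT'
    for src in "$@"; do
        # SSH only, and only from the listed sources
        echo "-A INPUT -s $src -p tcp --dport 22 -j ACCEPT"
    done
    echo '-A INPUT -p tcp --dport 80 -j ACCEPT'
    echo 'COMMIT'
}

# As root, with the sample addresses from the script above:
#   build_ruleset 213.191.173.114 192.168.1.0/24 > /root/firewall.rules
#   iptables-restore --test < /root/firewall.rules   # parse only, nothing applied
#   iptables-restore < /root/firewall.rules          # replace the filter table
```

Because iptables-restore replaces the filter table in one step, re-running it does not stack duplicate rules the way repeated `iptables -A` calls do.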