Drop invalid packets
iptables -I INPUT 1 -m conntrack --ctstate INVALID -j DROP
Allow loopback interface connection
iptables -A INPUT -i lo -j ACCEPT
Allow related and established input, and new and established output
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED -j ACCEPT
Allow SSH
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Allow HTTP (80) and HTTPS (443)
iptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
Allow ICMP (ping, in simple words)
iptables -A INPUT -p icmp -j ACCEPT
Deny whatever is not allowed (for example, ICMP is accepted above; the rest will not be allowed)
iptables -P INPUT DROP
To see all allow and deny rules, with counters and rule numbers
iptables -L --line-numbers -nv
To see the number of each rule
iptables -L --line-numbers
Delete the rule with the selected number
iptables -D INPUT 5
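
An added example, not part of the original page: a check that the INPUT rules above are all loaded, so that the DROP policy does not cut off SSH. It reads the output of `iptables -S INPUT`; the function names and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an `iptables -S INPUT` dump for the rules listed above.
# On a live host (as root): iptables -S INPUT | audit_input_chain 22

# Constructed sample: what `iptables -S INPUT` prints after every rule above.
SAMPLE_OK='-P INPUT DROP
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p icmp -j ACCEPT'

# Constructed sample: the same chain with the SSH rule missing.
SAMPLE_NO_SSH=$(printf '%s\n' "$SAMPLE_OK" | grep -v -e '--dport 22 ')

# need PATTERN LABEL: count and report LABEL when no dumped rule matches.
need() {
    if ! printf '%s\n' "$rules" | grep -Eq -e "$1"; then
        echo "MISSING: $2"
        missing=$((missing + 1))
    fi
}

# Reads the dump on stdin; returns the number of findings (0 = all present).
audit_input_chain() {
    ssh_port="${1:-22}"
    rules=$(cat)
    missing=0
    need '^-P INPUT DROP$' 'default DROP policy on INPUT'
    need '^-A INPUT .*--ctstate INVALID -j DROP$' 'drop of INVALID packets'
    need '^-A INPUT -i lo -j ACCEPT$' 'accept on loopback'
    need '^-A INPUT .*--(ct)?state [A-Z,]*ESTABLISHED[A-Z,]* -j ACCEPT$' \
         'accept for RELATED,ESTABLISHED'
    need "^-A INPUT -p tcp .*--dports? ([0-9:,]*,)?${ssh_port}(,[0-9:,]*)? -j ACCEPT\$" \
         "accept for SSH on tcp/${ssh_port}"
    return "$missing"
}

# Demo on the constructed sample without SSH; prints one MISSING line.
printf '%s\n' "$SAMPLE_NO_SSH" | audit_input_chain 22 || true
```

Run just before the final `iptables -P INPUT DROP`, the only finding should be the policy line.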