dillonbrowne · July 30, 2021 16:10 · Sep 12, 2019 · Mar 28, 2017 · Mar 28, 2017 · Mar 28, 2017
diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -74,7 +74,7 @@ iptables --policy OUTPUT DROP
 **Set Default Policy for FORWARD to REJECT**
 
 ```bash
-iptables --policy FORWARD ACCEPT
+iptables --policy FORWARD REJECT
 ```
 
 **ACCEPT Connections From a Single IP Address**

diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -120,7 +120,7 @@ $ iptables --policy OUTPUT DROP
 # Explanation:
 # DROP all OUTPUT connections.
 
-$ iptables -A OUTPUT -d 192.168.1.1 -J ACCEPT
+$ iptables -A OUTPUT -d 192.168.1.1 -j ACCEPT
 # Explanation:
 # Allow connections to the destination port 192.168.1.1
 ```

diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -117,7 +117,12 @@ $ iptables -A OUTPUT -p tcp --dport ssh -s 10.10.10.10 -j REJECT
 
 ```
 $ iptables --policy OUTPUT DROP
+# Explanation:
+# DROP all OUTPUT connections.
+
 $ iptables -A OUTPUT -d 192.168.1.1 -J ACCEPT
+# Explanation:
+# Allow connections to the destination port 192.168.1.1
 ```
 
 **Saving Changes Made to `iptables`**

diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -113,6 +113,13 @@ $ iptables -A OUTPUT -p tcp --dport ssh -s 10.10.10.10 -j REJECT
 # -j <ACTION> : (jump) - Defines what to do when the Packet matches this rule. We can either ACCEPT, DROP or REJECT it. (REJECT) 
 ```
 
+**DROP All OUTGOING Connections; ALLOW only CONNECTIONS to 192.168.1.1**
+
+```
+$ iptables --policy OUTPUT DROP
+$ iptables -A OUTPUT -d 192.168.1.1 -J ACCEPT
+```
+
 **Saving Changes Made to `iptables`**
 
 The changes you made to your iptables rules will not be saved unless it is called explicitly to be saved. The next time the service starts, any unsaved changes will be wiped away. The following are examples on how to save on different platforms 

diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -143,4 +143,10 @@ iptables -D INPUT -s 127.0.0.1 -p tcp -dport 111 -j ACCEPT
 # -p <protocol> : Protocol - THe protocol of the rule or of the packet to check 
 # --dport <port>: Destination Port: The Destination port or port range specification
 # -j <ACTION>   : (jump) - Defines what to do when the Packet matches this rule. We can either ACCEPT, DROP or REJECT it. (REJECT) 
+```
+
+You can also delete base don the rule number:
+
+```
+iptables -D INPUT 4
 ```
diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -1,6 +1,6 @@
 # IP Tables (iptables) Cheat Sheet
 
-IPTables is the Firewall service that is available in a lot of different Linux Distributions. While modifiying it might seem daunting at first, this Cheat Sheet should be able to show you just how easy it is to use and how quickly you can be on your way mucking around with your firewall
+IPTables is the Firewall service that is available in a lot of different Linux Distributions. While modifiying it might seem daunting at first, this Cheat Sheet should be able to show you just how easy it is to use and how quickly you can be on your way mucking around with your firewall.
 
 ## Resources 
 

diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -1,8 +1,11 @@
 # IP Tables (iptables) Cheat Sheet
 
+IPTables is the Firewall service that is available in a lot of different Linux Distributions. While modifiying it might seem daunting at first, this Cheat Sheet should be able to show you just how easy it is to use and how quickly you can be on your way mucking around with your firewall
+
 ## Resources 
 
-The following list is a great set of documentation for `iptables`:
+The following list is a great set of documentation for `iptables`. I used them to compile this documentation.
+
    * **How-To Geek: The Beginner’s Guide to iptables, the Linux Firewall**: https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
    * **IPTables Essentials: Common Firewall Rules and COmmands** https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
    * **List and Delete `iptable` rules:** https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules

diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -112,7 +112,7 @@ $ iptables -A OUTPUT -p tcp --dport ssh -s 10.10.10.10 -j REJECT
 
 **Saving Changes Made to `iptables`**
 
-The changes you made to your iptables rules will not be saved unless it is called explicitly to be saved. The next time the service starts, any unsaved changes will be wiped away. The following are examples on how to save on different platforms:
+The changes you made to your iptables rules will not be saved unless it is called explicitly to be saved. The next time the service starts, any unsaved changes will be wiped away. The following are examples on how to save on different platforms 
 
 *Ubuntu:* `sudo /sbin/iptables-save`
 
@@ -126,4 +126,18 @@ To clear all the rules that are configured, you can flush it with the *Flush* co
 
 ```
 iptables -F
+```
+
+**Deleting Individual Rules**
+
+You can delete rules based on what they're doing:
+
+```
+iptables -D INPUT -s 127.0.0.1 -p tcp -dport 111 -j ACCEPT 
+# Explanation
+# -D <CHAIN>    : The Rule to delete (INPUT -s 127.0.0.1 -p tcp -dport 111 -j ACCEPT)
+# -s <SOURCE>   : Source - The Source IP of the connection (127.0.0.1)
+# -p <protocol> : Protocol - THe protocol of the rule or of the packet to check 
+# --dport <port>: Destination Port: The Destination port or port range specification
+# -j <ACTION>   : (jump) - Defines what to do when the Packet matches this rule. We can either ACCEPT, DROP or REJECT it. (REJECT) 
 ```
diff --git a/IPTABLES-CHEATSHEET.md b/IPTABLES-CHEATSHEET.md
@@ -108,4 +108,22 @@ $ iptables -A OUTPUT -p tcp --dport ssh -s 10.10.10.10 -j REJECT
 # -A <CHAIN>  : Append a Rule to the chain that is specified (OUTPUT in this scenario)
 # -s <SOURCE> : Source - The Source IP of the connection (10.10.10.10)
 # -j <ACTION> : (jump) - Defines what to do when the Packet matches this rule. We can either ACCEPT, DROP or REJECT it. (REJECT) 
+```
+
+**Saving Changes Made to `iptables`**
+
+The changes you made to your iptables rules will not be saved unless it is called explicitly to be saved. The next time the service starts, any unsaved changes will be wiped away. The following are examples on how to save on different platforms:
+
+*Ubuntu:* `sudo /sbin/iptables-save`
+
+*RedHat / Centos:* `/sbin/service iptables save`
+
+*Others:* `/etc/init.d/iptables save`
+
+**Clearing All the Rules*
+
+To clear all the rules that are configured, you can flush it with the *Flush* command.
+
+```
+iptables -F
 ```
diff --git a/CHEATSHEET.md → IPTABLES-CHEATSHEET.md b/CHEATSHEET.md → IPTABLES-CHEATSHEET.md
@@ -1,12 +1,16 @@
 # IP Tables (iptables) Cheat Sheet
 
-**NOTE:** The commands below must be run as the root user or user with privileges to access `iptables`.
+## Resources 
 
 The following list is a great set of documentation for `iptables`:
    * **How-To Geek: The Beginner’s Guide to iptables, the Linux Firewall**: https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
    * **IPTables Essentials: Common Firewall Rules and COmmands** https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
    * **List and Delete `iptable` rules:** https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules
 
+## The Theory
+
+**NOTE:** The commands below must be run as the root user or user with privileges to access `iptables`.
+
 There are 3 CHAINS. These are INPUT, FORWARD and OUTPUT. 
 * **INPUT** - Used to control the behavior of INCOMING connections.
 * **FORWARD** - Used to control the behavior of connections that aren't delivered locally but sent immediately out. (i.e.: router)
@@ -38,20 +42,70 @@ iptables --policy OUTPUT DROP
 iptables --policy FORWARD DROP
 ```
 
-**ACCEPT vs DROP vs REJECT**
+**Actions: ACCEPT vs DROP vs REJECT**
 
 * **ACCEPT**: Allow the connection
 * **DROP**: Drop the connection (as if no connection was ever made; Useful if you want the system to 'disappear' on the network)
 * **REJECT**: Don't allow the connection but send an error back.
 
+## The Commands (Examples)
 
 **List Entries in `iptables`**
 
 ```bash
 $ iptables -L
 ```
 
-**BLOCK all OUTPUT (outbound) traffic except HTTP**
+**Set Default Policy for INPUT to ACCEPT**
+
+```bash
+iptables --policy INPUT ACCEPT
+```
 
-HTTP is on Port 80
+**Set Default Policy for OUTPUT to DROP**
 
+```bash
+iptables --policy OUTPUT DROP
+```
+
+**Set Default Policy for FORWARD to REJECT**
+
+```bash
+iptables --policy FORWARD ACCEPT
+```
+
+**ACCEPT Connections From a Single IP Address**
+
+```
+$ iptables -A INPUT -s 10.10.10.10 -j ACCEPT
+
+# Explanation: 
+# ACCEPTS all INCOMING Connections from 10.10.10.10.
+# -A <CHAIN>  : Append a Rule to the chain that is specified (INPUT in this scenario)
+# -s <SOURCE> : Source - The Source IP of the connection (10.10.10.10)
+# -j <ACTION> : (jump) - Defines what to do when the Packet matches this rule. We can either ACCEPT, DROP or REJECT it. (ACCEPT)
+```
+
+**DROP Connections for an IP Range**
+
+```
+$ iptables -A INPUT -s 10.10.10.0/24 -j DROP
+
+# Explanation:
+# BLOCKS all INCOMING connections from 10.10.10.0 to 10.10.10.255
+# -A <CHAIN>  : Append a Rule to the chain that is specified (INPUT in this scenario)
+# -s <SOURCE> : Source - The Source IP of the connection (10.10.10.0 to 10.10.10.255)
+# -j <ACTION> : (jump) - Defines what to do when the Packet matches this rule. We can either ACCEPT, DROP or REJECT it. (DROP)
+```
+
+**REJECT OUTBOUND Connections for an IP on a Specific Port (SSH)**
+
+```
+$ iptables -A OUTPUT -p tcp --dport ssh -s 10.10.10.10 -j REJECT
+
+# Explanation:
+# REJECTs all OUTPUT connections to 10.10.10.10 on TCP Port
+# -A <CHAIN>  : Append a Rule to the chain that is specified (OUTPUT in this scenario)
+# -s <SOURCE> : Source - The Source IP of the connection (10.10.10.10)
+# -j <ACTION> : (jump) - Defines what to do when the Packet matches this rule. We can either ACCEPT, DROP or REJECT it. (REJECT) 
+```
diff --git a/CHEATSHEET.md b/CHEATSHEET.md
@@ -3,6 +3,7 @@
 **NOTE:** The commands below must be run as the root user or user with privileges to access `iptables`.
 
 The following list is a great set of documentation for `iptables`:
+   * **How-To Geek: The Beginner’s Guide to iptables, the Linux Firewall**: https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
    * **IPTables Essentials: Common Firewall Rules and COmmands** https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
    * **List and Delete `iptable` rules:** https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules
 
@@ -18,6 +19,31 @@ Before we determine the individual rules for each of the chain, we need to deter
 ```
 sudo iptables -L | grep policy
 ```
+**Change the default policy for a Chain**
+
+To change the default policy of a chain, run: `iptables --policy <CHAIN> <ACCEPT/DROP>
+
+If we want to ACCEPT all connections (on all Chains), run the following:
+
+```bash
+iptables --policy INPUT ACCEPT
+iptables --policy OUTPUT ACCEPT
+iptables --policy FORWARD ACCEPT
+```
+If we want to DROP all connections (on all chains), run the following:
+
+```bash
+iptables --policy INPUT DROP
+iptables --policy OUTPUT DROP
+iptables --policy FORWARD DROP
+```
+
+**ACCEPT vs DROP vs REJECT**
+
+* **ACCEPT**: Allow the connection
+* **DROP**: Drop the connection (as if no connection was ever made; Useful if you want the system to 'disappear' on the network)
+* **REJECT**: Don't allow the connection but send an error back.
+
 
 **List Entries in `iptables`**
 

diff --git a/CHEATSHEET.md b/CHEATSHEET.md
@@ -3,12 +3,20 @@
 **NOTE:** The commands below must be run as the root user or user with privileges to access `iptables`.
 
 The following list is a great set of documentation for `iptables`:
-  * https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules
+   * **IPTables Essentials: Common Firewall Rules and COmmands** https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
+   * **List and Delete `iptable` rules:** https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules
+
+There are 3 CHAINS. These are INPUT, FORWARD and OUTPUT. 
+* **INPUT** - Used to control the behavior of INCOMING connections.
+* **FORWARD** - Used to control the behavior of connections that aren't delivered locally but sent immediately out. (i.e.: router)
+* **OUTPUT** - Used to control the behavior of OUTGOING connections.
 
-The general format for the IP Tables Command is:
+**NOTE:** A lot of connections might require inbound and outbound rules, so bear that in mind while making changes to the firewall.
+
+Before we determine the individual rules for each of the chain, we need to determine the default policy for each chain. This can be shown by typing:
 
 ```
-iptables -I <OUTPUT/INPUT> -s/-d <REMOTE_IP> -p <PROTOCOL> --sport/--dport <OUTGOING/INCOMING PORT> -j <ACCEPT/DROP>
+sudo iptables -L | grep policy
 ```
 
 **List Entries in `iptables`**

diff --git a/CHEATSHEET.md b/CHEATSHEET.md
@@ -1,7 +1,23 @@
 # IP Tables (iptables) Cheat Sheet
 
+**NOTE:** The commands below must be run as the root user or user with privileges to access `iptables`.
+
+The following list is a great set of documentation for `iptables`:
+  * https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules
+
+The general format for the IP Tables Command is:
+
+```
+iptables -I <OUTPUT/INPUT> -s/-d <REMOTE_IP> -p <PROTOCOL> --sport/--dport <OUTGOING/INCOMING PORT> -j <ACCEPT/DROP>
+```
+
 **List Entries in `iptables`**
 
 ```bash
 $ iptables -L
-```
+```
+
+**BLOCK all OUTPUT (outbound) traffic except HTTP**
+
+HTTP is on Port 80
+
diff --git a/CHEATSHEET.md b/CHEATSHEET.md
@@ -0,0 +1,7 @@
+# IP Tables (iptables) Cheat Sheet
+
+**List Entries in `iptables`**
+
+```bash
+$ iptables -L
+```