Setup CentOS iptables for IPv4
There are several ways to configure iptables on CentOS. In this tutorial, I will show you a few basic but essential examples of how to use iptables on CentOS.
You can adapt the iptables rules to your needs. All the following commands should be entered in your SSH terminal as root.
Check the existing rules:
Flush all existing rules (erase all of them):
Using a stateful rule to allow all established connections:
Some services require you to allow related connections (FTP, TFTP…):
Allow localhost (loopback) traffic:
Allow Web Browsing
Allow Outgoing SSH
Allow Incoming SSH
Allow Incoming SSH from a specified subnet/ip address
Allow Incoming SSH from all
Allow Incoming Web Server
Allow DNS requests out
Allow Incoming ping
Allow Outgoing ping
Allow SMTP Server
Allow SMTP Client
Allow IMAP Server
Allow IMAP Client
Allow MySQL Server
Allow MySQL Client
Allow NTP Server
Allow NTP Client
Allow rsyslogd in
Allow rsyslogd out
Specify a port range, e.g. allow all communication from ports 50-150 to ports 300-400:
Specify an IP address range; this requires the ‘iprange’ module. For example, allow all communication to and from 192.168.1.1-192.168.1.31:
Finally, set the default policies:
Save the iptables configuration with the following command:
or
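
As an added example (not the tutorial author's commands), the shell function below emits several of the rules listed above as a single `iptables-restore` ruleset, which loads in one step so a remote SSH session is never caught between the flush and the default policies. It goes beyond the one-command-at-a-time approach of the tutorial; the `DROP` default policies, the `conntrack` match, the selected ports and the function names `valid_cidr` and `build_ruleset` are assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset; nothing is applied here.
# Assumptions: default policy DROP on every chain, SSH on tcp/22.

# valid_cidr ADDR: accept only an IPv4 address with an optional /0-32 prefix.
valid_cidr() {
    # Only digits, dots and a slash may appear. This rejects spaces and
    # newlines, so the argument cannot smuggle extra rule text into the file.
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    # Shape check only; iptables-restore does the final address validation.
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# build_ruleset SSH_SOURCE: ruleset on stdout, non-zero status on bad input.
build_ruleset() {
    ssh_src=$1
    valid_cidr "$ssh_src" || { echo "invalid SSH source: $ssh_src" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Stateful rule: replies to connections already accepted
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Loopback
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Incoming SSH from the given subnet/IP only, incoming web server, ping
-A INPUT -p tcp -s $ssh_src --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
# Outgoing DNS, web browsing, SSH, NTP client, ping
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 22,80,443 -j ACCEPT
-A OUTPUT -p udp --dport 123 -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
COMMIT
EOF
}

# Usage (as root): build_ruleset 192.168.1.0/24 | iptables-restore --test
if [ $# -gt 0 ]; then build_ruleset "$1"; fi
```

`iptables-restore --test` parses the ruleset without committing it, so syntax errors surface before anything changes on the host.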
