Learn to control network traffic at the packet level with concrete commands and a hands-on example. 15.06.2026 | reading time: 3 min Packet filtering is where Linux meets the network; iptables is the classic command-line tool that controls how packets are accepted, dropped or modified on a host, and this guide shows concrete commands to act, not only theory. Immediate Lab A small scenario: a server must drop all unsolicited connections, allow SSH, accept established traffic and block one hostile IP; run the commands below as root to apply the rules and then list them to verify: ```bash iptables -P INPUT DROP iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -s 203.0.113.45 -j DROP iptables -L -v -n --line-numbers ``` The final list shows counters and the order of rules so he can confirm SSH is allowed, established flows continue and the specified source is blocked. Key options and rules Rules live in tables and chains, so he must think which table to use (filter for most cases, nat for address translation), and rule order matters because the kernel stops at the first match; common flags are `-A` to append, `-I` to insert, `-D` to delete, `-t` to choose a table, and matches like `-p tcp`, `--dport`, or `-m conntrack --ctstate` to allow established connections; persist rules with `iptables-save` and `iptables-restore`, log suspicious packets with the `LOG` target and test carefully on a console access channel to avoid locking himself out. Complementary tools iptables sits among several modern utilities: `nftables` offers a newer consolidated framework, `firewalld` and `ufw` provide higher-level management front ends for interactive or distribution-integrated setups, and `ip6tables` handles IPv6; use these when you need simpler policy tooling, IPv6 support or migration to kernel-supported rule sets. Where to go next Start experimenting with small rule sets, then read about connection tracking, NAT and the kernel netfilter hooks to understand why order and table choice change behavior; deepen knowledge with structured study and consider certifications such as CompTIA Linux+ or LPIC-1, and explore intensive exam preparation at bitsandbytes.academy to turn hands-on skill into a credential. Join Bits & Bytes Academy First class LINUX exam preparation. network security utilities troubleshooting
