Iptables is a generic table structure for the definition of rulesets. Each rule within an IP table consists of a number of classifiers (iptables matches) and one connected action (iptables target).
To drop/block an IP in iptables
iptables -I INPUT -s x.x.x.x -j DROP; iptables -A OUTPUT -d x.x.x.x -j DROP
To allow an IP again in iptables (delete the DROP rules added above)
iptables -D INPUT -s x.x.x.x -j DROP; iptables -D OUTPUT -d x.x.x.x -j DROP
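An added example (not part of the original page): a POSIX shell script that makes the block commands above safe to repeat and undoes them by deleting the DROP rules. The function names and the address 192.0.2.10 are assumptions made for illustration; iptables -C (check whether a rule exists) is used to avoid duplicate rules.

```shell
#!/bin/sh
# Added example, not from the original page. 192.0.2.10 is a constructed address.

# Accept only a plain dotted-quad IPv4 address so nothing else reaches iptables.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    _rest="$1."
    _n=0
    while [ -n "$_rest" ]; do
        _octet=${_rest%%.*}
        _rest=${_rest#*.}
        # Reject empty, over-long and leading-zero octets.
        case "$_octet" in ''|????*|0?*) return 1 ;; esac
        [ "$_octet" -le 255 ] || return 1
        _n=$((_n + 1))
    done
    [ "$_n" -eq 4 ]
}

# Add a DROP rule only if an identical one is not already in the chain.
# $1 = -I or -A, $2 = chain, $3 = -s or -d, $4 = address
ensure_drop() {
    iptables -C "$2" "$3" "$4" -j DROP 2>/dev/null ||
        iptables "$1" "$2" "$3" "$4" -j DROP
}

# Delete every copy of the rule (repeating the plain commands leaves duplicates).
remove_drop() {
    while iptables -C "$1" "$2" "$3" -j DROP 2>/dev/null; do
        iptables -D "$1" "$2" "$3" -j DROP || return 1
    done
}

block_ip() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    ensure_drop -I INPUT -s "$1" && ensure_drop -A OUTPUT -d "$1"
}

unblock_ip() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    remove_drop INPUT -s "$1" && remove_drop OUTPUT -d "$1"
}

# Run as root: sh SCRIPT block|unblock ADDRESS
case "${1:-}" in
    block)   block_ip "${2:-}" ;;
    unblock) unblock_ip "${2:-}" ;;
esac
```

Run it as root with block or unblock followed by the address; with no arguments it only defines the functions.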
To allow all current connections, so that connections already established when the rule is added stay online
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
Allow a service through (in this case ssh)
iptables -A INPUT -p tcp --dport ssh -j ACCEPT
Allow a specific port (in this case apache)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
To deny a specific port (in this case 5555, on interface eth1)
iptables -A INPUT -i eth1 -p tcp --dport 5555 -j DROP
To see the currently running ruleset
iptables -nL
If you want to see all the rules with a bit more verbose output
iptables -L -v
To save the current rules you would run one of the following commands
service iptables save
/etc/init.d/iptables save
To restart the rules you would run one of these commands
service iptables restart
Save and restore examples
Debian derivatives do not have the iptables save package, so in order to save and restore iptables rules you need to install the iptables-persistent package
apt-get install iptables-persistent
Once it is installed, you can save/reload iptables rules at any time:
/etc/init.d/iptables-persistent save
/etc/init.d/iptables-persistent reload
You can also use the service command:
service iptables-persistent save
service iptables-persistent flush
service iptables-persistent start
service iptables-persistent restart