Firewall Builder is a GUI firewall tool that shows all firewall policy rules in a structured view. You can install this tool by following this link:
https://help.ubuntu.com/community/DynamicFirewall
You can also install the Firestarter firewall just by executing:
apt-get install firestarter
#Export the firewall rules to a text file
iptables-save > rules.txt
#Restore the firewall rules from a text file (note: you will lose your existing firewall rules after restoring)
iptables-restore < rules.txt
#Check the firewall rules
iptables -L -n -v
#Check the firewall chain rules with line numbers
INPUT==> iptables -L INPUT --line-numbers
OUTPUT==> iptables -L OUTPUT --line-numbers
FORWARD==> iptables -L FORWARD --line-numbers
#Delete a particular firewall rule from a particular chain
Step1: First check the line numbers from the above command
Step2: Execute this command on your terminal==> iptables -D POLICY-NAME LINE-NUMBER
For example, for the INPUT policy==> iptables -D INPUT 13
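The export and delete-by-line-number steps above can be combined to clean up repeated rules. The following is an added example, not part of the original page: the function name dup_rule_deletes and the sample rules are constructed for illustration, and it assumes iptables-save was run without -c (no packet counters in front of each rule). It only prints the delete commands so they can be reviewed, and it lists the highest line number first because every delete renumbers the rules below it.

```shell
#!/bin/sh
# Reads iptables-save output on stdin and prints one "iptables -D" command
# for every rule that repeats an earlier rule in the same table and chain.
dup_rule_deletes() {
    awk '
        /^\*/ { table = substr($0, 2); next }   # "*filter" starts a table
        $1 == "-A" {
            chain = $2
            n = ++count[table, chain]           # position = rule line number
            if (seen[table, $0]++)              # identical rule text seen before
                print table, chain, n
        }
    ' | sort -k1,1 -k2,2 -k3,3nr |              # highest line number first
    while read -r table chain n; do
        echo "iptables -t $table -D $chain $n"
    done
}

# Constructed sample in iptables-save format (not captured from a real host).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 5060 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -p udp -m udp --dport 5060 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 1723 -j ACCEPT
COMMIT
EOF
}

# Prints:
#   iptables -t filter -D INPUT 6
#   iptables -t filter -D INPUT 4
sample_rules | dup_rule_deletes
```

On a live system the input would come from `iptables-save | dup_rule_deletes`, after first exporting a backup with iptables-save as shown earlier.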
#FTP Port in terminal
iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --sport 20 -j ACCEPT
#To open ports 80 and 443
iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
#UDP Port for SIP SERVER
iptables -A INPUT -p udp --dport 5060 -j ACCEPT
iptables -A INPUT -p udp --dport 10000:20000 -j ACCEPT
#VPN SERVER Firewall Rules
iptables -A INPUT -i eth1 -p tcp --dport 1723 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 1723 -j ACCEPT
#Coovachilli Hotspot port
iptables -I INPUT -i lo -j ACCEPT
iptables -I INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT
iptables -I INPUT -p tcp -m tcp --dport 3990 --syn -j ACCEPT
iptables -I INPUT -p tcp -m tcp --dport 4990 --syn -j ACCEPT
#Other ports for Coovachilli Hotspot (if facing any issue, check these ports also)
iptables -I INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
iptables -I INPUT -p tcp -m tcp --dport 53 --syn -j ACCEPT
iptables -I INPUT -p tcp -m tcp --dport 67:68 --syn -j ACCEPT
iptables -I INPUT -p tcp -m tcp --dport 3306 --syn -j ACCEPT
#SSH Accept from tun0
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 22 --dst 192.168.3.1 -j ACCEPT
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
#Open UDP Port for sip server
iptables -A INPUT -p udp --dport 5060 -j ACCEPT
iptables -A INPUT -p udp --dport 10000:20000 -j ACCEPT