To whitelist an IP address in iptables, you need to add a rule to allow incoming traffic from that IP address. Here’s how you can do it:
First, if you don’t have an existing rule to allow the specific traffic on the desired port, you’ll need to add one. For example, if you want to allow incoming traffic on port 22 (SSH), you would add a rule like this:
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
This command allows incoming TCP traffic on port 22.
Next, you’ll add a rule to allow traffic from the specific IP address. Let’s assume the IP address you want to whitelist is 192.168.1.100:
sudo iptables -A INPUT -s 192.168.1.100 -j ACCEPT
This command allows all incoming traffic from the IP address 192.168.1.100, on any port and protocol, because the rule matches on the source address only.
Finally, ensure that the default policy for incoming and forwarded traffic is set to drop (for security reasons), leave the default policy for outgoing traffic set to accept, and save your changes so they persist across reboots:
sudo iptables -P INPUT DROP
sudo iptables -P FORWARD DROP
sudo iptables -P OUTPUT ACCEPT
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
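These commands set the default policy for incoming and forwarded traffic to drop, meaning that traffic that doesn’t match any rule is discarded. The default policy for outgoing traffic is set to accept, allowing all outgoing traffic. The iptables-save command writes the current iptables configuration to the specified file so it can be loaded on system startup; /etc/iptables/rules.v4 is the file that the iptables-persistent package restores at boot on Debian-based systems. The redirection is run inside sh -c so that the file is written with root privileges rather than by your unprivileged shell.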
Please note that iptables rules only persist until the system is rebooted unless you save them as shown above. Additionally, if you’re using IPv6, you should also configure rules for IPv6 traffic using ip6tables.
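To confirm the result, the following added example (not part of the original page) reads an iptables-save dump and reports the INPUT policy, whether a source address has an ACCEPT rule, and which ACCEPT rules carry no source restriction. The sample dump is constructed from the commands above, and the function names are illustrative.

```shell
# Added example: audit an iptables-save dump for the whitelist set up above.
# Sample dump is constructed (iptables-save prints a bare address as /32).
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.1.100/32 -j ACCEPT
COMMIT
EOF
}

# Print the default policy of the INPUT chain (DROP or ACCEPT).
input_policy() {
    awk '$1 == ":INPUT" { print $2 }'
}

# Succeed if an INPUT rule with source IP jumps to ACCEPT.
# A negated match ("! -s IP") is not a whitelist entry and is ignored.
is_whitelisted() {
    awk -v ip="$1" '
        $1 == "-A" && $2 == "INPUT" {
            src = ""; tgt = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s" && $(i-1) != "!") src = $(i+1)
                if ($i == "-j") tgt = $(i+1)
            }
            if (tgt == "ACCEPT" && (src == ip || src == (ip "/32"))) found = 1
        }
        END { exit(found ? 0 : 1) }'
}

# Print INPUT ACCEPT rules that have no source match: these admit any
# address, whitelisted or not (loopback/conntrack rules will show up too).
open_to_all() {
    awk '$1 == "-A" && $2 == "INPUT" {
            has_src = 0; accept = 0
            for (i = 3; i < NF; i++) {
                if ($i == "-s") has_src = 1
                if ($i == "-j" && $(i+1) == "ACCEPT") accept = 1
            }
            if (accept && !has_src) print
        }'
}
echo "INPUT policy: $(sample_rules | input_policy)"
sample_rules | is_whitelisted 192.168.1.100 && echo "192.168.1.100 is whitelisted"
echo "ACCEPT rules open to any source:"; sample_rules | open_to_all
```

On a live host, pipe the output of sudo iptables-save into the same functions. With the rules from this page, the port 22 rule is listed because it accepts SSH from any source, not only from 192.168.1.100.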