
iptables Cheat Sheet 2026 — Quick CLI Command Reference


This iptables cheat sheet is a quick reference of iptables commands grouped by function.

iptables Firewall Rules

Action: View chains, rules, packet/byte counters, and line numbers for the filter table
Command: sudo iptables --verbose --numeric --list --line-numbers
Useful flags: --verbose --numeric --list --line-numbers

Action: Set the default policy for a chain (<rule> is the policy target, such as ACCEPT or DROP)
Command: sudo iptables --policy <chain> <rule>
Useful flags: --policy

Action: Append a rule to a chain for a source IP address (<rule> is the target to jump to, such as ACCEPT or DROP)
Command: sudo iptables --append <chain> --source <ip_address> --jump <rule>
Useful flags: --append --source --jump

Action: Append a rule to a chain for a source IP address, a protocol and a destination port (--dport is only valid with a protocol that has ports, such as tcp or udp)
Command: sudo iptables --append <chain> --source <ip_address> --protocol <tcp|udp|...> --dport <port> --jump <rule>
Useful flags: --append --source --protocol --dport

Action: Add a NAT rule to translate all traffic from the `192.168.0.0/24` subnet to the
Command: sudo iptables --table nat --append POSTROUTING --source 192.168.0.0/24 --jump MASQUERADE
Useful flags: --table --append --source --jump

Action: Delete a rule from a chain by its line number
Command: sudo iptables --delete <chain> <rule_line_number>
Useful flags: --delete

⚠️ Dangerous / Destructive Commands

These commands are irreversible. Verify your environment (dev/staging vs prod) before running them.

Action: ⚠️ Delete
Command: sudo iptables --delete <chain> <rule_line_number>
Warning: Irreversible; verify the target before running
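Deleting by line number has a second hazard beyond irreversibility: every deletion renumbers the rules below it. The following added example (not part of the original cheat sheet) builds a dry-run deletion plan from a `--line-numbers` listing, highest line number first. The helper names `sample_listing` and `plan_deletes` are hypothetical, the listing is constructed with documentation-range addresses, and every rule is assumed to have a target so the columns line up with the header.

```shell
#!/bin/sh
# Added example: plan (do not execute) rule deletions by line number.

# Constructed sample of:
#   sudo iptables --verbose --numeric --list INPUT --line-numbers
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      120  9600 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
2        4   240 DROP       all  --  *      *       203.0.113.7          0.0.0.0/0
3       15   900 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
4        0     0 DROP       tcp  --  *      *       203.0.113.7          0.0.0.0/0            tcp dpt:443
EOF
}

# plan_deletes CHAIN SOURCE_IP   (hypothetical helper)
# Reads a --line-numbers listing on stdin and prints one delete command per
# rule whose source column equals SOURCE_IP exactly, highest number first.
# Deleting rule 2 first would renumber rule 4 to 3, so an ascending plan
# would hit the wrong rule; descending order keeps every number valid.
plan_deletes() {
    chain=$1
    src=$2
    awk -v src="$src" '
        # Header row: locate the "source" column (5 without --verbose, 9 with it).
        $1 == "num" { for (i = 1; i <= NF; i++) if ($i == "source") col = i; next }
        # Rule rows start with a line number; negated sources ("!addr") do not match.
        col && $1 ~ /^[0-9]+$/ && $col == src { print $1 }
    ' | sort -rn | while read -r num; do
        printf 'sudo iptables --delete %s %s\n' "$chain" "$num"
    done
}

# Print the plan for review. Save the current rules first, for example with
# `sudo iptables-save > <backup_file>`, so they can be restored with iptables-restore.
sample_listing | plan_deletes INPUT 203.0.113.7
```
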

FAQ — Frequently Asked Questions

What is the difference between iptables Firewall Rules and the other groups?

Each group in this iptables cheat sheet covers a distinct area. iptables Firewall Rules focuses on its specific scope, while the remaining groups cover networking, storage, security and diagnostics.

How do I check the installed iptables version?

Run the version command (iptables --version). The output shows the client and, when applicable, the server version.

Why does iptables return ‘permission denied’?

A ‘permission denied’ error in iptables usually means the current user lacks sufficient privileges or credentials are not configured. Check: (1) assigned IAM/RBAC roles, (2) an active authentication context via the corresponding login command.

How do I filter iptables output by status or name?

Use flags such as --filter, --selector or --query depending on the tool. You can also pipe into grep or jq to process JSON:

sudo iptables --list | grep <pattern>

What is the fastest way to debug an iptables error?

Add the verbose flag (--verbose, -v or --debug) to the failing command. This reveals the underlying HTTP/API calls and the full error response body.
