I have a service script and rules script for iptables that I publish (iptables.rules are my actual rules). That iptables script also has logging. It is also a more involved iptables example than your average script.
See man iptables. That thoroughly discusses every option I'm using. Why did I design it that way? Because I want to easily add and remove rules without refreshing my whole firewall. I took concepts from RedHat's firewalld and made them my own.
I have chains for when I'm on my internal network vs VPN vs anywhere else.
Also notice I configure outbound rules. Configuring outbound rules goes a long way for securing a computer. Most guides you encounter won't discuss it much.
My iptables service script is what I use in a SysV init based startup. You might need to change it depending on the init system you're using. In general, you can load the firewall rules using the following command.
Code:
iptables-restore < /etc/iptables.rules
Feel free to ask additional questions.
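The design the post describes (per-origin chains for the internal network, the VPN and everywhere else, rate-limited logging of drops, and explicit outbound rules) can be captured in the iptables-save format that iptables-restore reads. The script below is an added example written for this page; it is not the poster's published service or rules script. The network 192.168.1.0/24, the interface tun0, the chain names and the allowed ports are assumptions chosen for illustration. The generator runs without root; only load_rules needs privileges.

```shell
#!/bin/sh
# Added example, not the poster's iptables.rules. Generates an
# iptables-restore style ruleset with separate chains per traffic origin,
# logging of dropped packets, and an explicit outbound policy.

LAN_NET="192.168.1.0/24"   # assumed internal network
VPN_IF="tun0"              # assumed VPN interface
LOG_LIMIT="5/min"          # rate limit for log entries

# Print the ruleset. Lines starting with '#' are ignored by iptables-restore.
gen_rules() {
cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:LAN_IN - [0:0]
:VPN_IN - [0:0]
:WORLD_IN - [0:0]
:LOG_DROP - [0:0]
# Loopback and already-tracked connections
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j LOG_DROP
# Dispatch on where the packet came from; each chain can be edited on
# its own (iptables -A/-D LAN_IN ...) without reloading the whole firewall
-A INPUT -s $LAN_NET -j LAN_IN
-A INPUT -i $VPN_IF -j VPN_IN
-A INPUT -j WORLD_IN
# Internal network: ssh and ping, everything else logged and dropped
-A LAN_IN -p tcp --dport 22 -j ACCEPT
-A LAN_IN -p icmp --icmp-type echo-request -j ACCEPT
-A LAN_IN -j LOG_DROP
# VPN: ssh only
-A VPN_IN -p tcp --dport 22 -j ACCEPT
-A VPN_IN -j LOG_DROP
# Anywhere else: nothing inbound
-A WORLD_IN -j LOG_DROP
# Outbound: only what this host needs (DNS, NTP, HTTP/HTTPS); log the rest
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp --dport 53 -j ACCEPT
-A OUTPUT -p udp --dport 123 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A OUTPUT -j LOG_DROP
# Rate-limited log entry, then drop
-A LOG_DROP -m limit --limit $LOG_LIMIT --limit-burst 10 -j LOG --log-prefix "iptables drop: " --log-level 4
-A LOG_DROP -j DROP
COMMIT
EOF
}

# Sanity check that runs without root: list every -j target that is
# neither a built-in target nor a chain declared with a ':' line.
undefined_targets() {
  gen_rules | sed -n 's/.*-j \([A-Za-z_]*\).*/\1/p' | sort -u |
  while read -r t; do
    case "$t" in ACCEPT|DROP|LOG|REJECT|RETURN) continue ;; esac
    gen_rules | grep -q "^:$t " || echo "$t"
  done
}

# Number of chains declared in the ruleset.
chain_count() {
  gen_rules | grep -c '^:'
}

# Write the ruleset to a file and load it the way the post shows.
# Requires root; 'iptables-restore --test' parses without applying.
load_rules() {
  file="${1:-/etc/iptables.rules}"
  gen_rules > "$file"
  iptables-restore < "$file"
}
```

Run `sh script.sh` style: `undefined_targets` should print nothing, which is the check to do before handing the file to iptables-restore, since a typo in a chain name makes the whole restore fail atomically. The OUTPUT chain defaults to DROP, so any new outbound service the host needs shows up in the log with the "iptables drop: " prefix rather than silently working.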