{"id":13346,"date":"2025-12-20T10:33:40","date_gmt":"2025-12-20T05:03:40","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=13346"},"modified":"2025-12-20T10:33:43","modified_gmt":"2025-12-20T05:03:43","slug":"how-to-setup-iptables-on-linux-server-easy-guide","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-setup-iptables-on-linux-server-easy-guide","title":{"rendered":"How to Setup IPTables on Linux Server &#8211; Easy Guide"},"content":{"rendered":"\n<p><strong>To set up iptables on a Linux server:<\/strong> install the iptables tools, add baseline allow rules (loopback, established\/related), permit SSH and required service ports, set default policies to DROP, add logging and rate limits, save the configuration, and make it persistent. Always keep console access or a second SSH session while applying changes.<\/p>\n\n\n\n<p>If you\u2019re wondering how to setup iptables on Linux server safely, this guide gives you a proven, beginner-friendly process I\u2019ve used for years managing production VPS and bare-metal nodes. You\u2019ll learn recommended iptables rules, how to persist them on reboot, and how to test so you don\u2019t lock yourself out.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-iptables-and-when-should-you-use-it\"><strong>What is iptables and When Should You Use it?<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"628\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Fix-IPtables-on-Linux.jpg\" alt=\"What Is iptables and When Should You Use It?\" class=\"wp-image-13555\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Fix-IPtables-on-Linux.jpg 1200w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Fix-IPtables-on-Linux-150x79.jpg 150w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/figure>\n\n\n\n<p><a href=\"https:\/\/www.youstable.com\/blog\/configure-iptables-on-linux\/\">iptables is the classic Linux<\/a> firewall (netfilter) interface that filters network packets via chains and rules. On many modern distributions, iptables is a compatibility layer over nftables, but the commands still work. If you prefer direct control and scriptability without an abstraction (like UFW or Firewalld), iptables is a solid choice.<\/p>\n\n\n\n<p>Note: Newer servers default to nftables. That\u2019s fine\u2014iptables commands typically call the iptables-nft backend. The steps below work on most Ubuntu\/Debian and RHEL\/CentOS\/AlmaLinux\/Rocky systems.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"prerequisites-and-safety-checklist\"><strong>Prerequisites and Safety Checklist<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Root or sudo access.<\/li>\n\n\n\n<li>Console or out-of-band access (avoid lockouts).<\/li>\n\n\n\n<li>Know your SSH port and service ports (e.g., 22, 80, 443).<\/li>\n\n\n\n<li>Package <a href=\"https:\/\/www.youstable.com\/blog\/what-is-iptables-linux-access-manage\/\">manager access to install iptables<\/a> tools.<\/li>\n\n\n\n<li>For IPv6, plan to mirror rules with ip6tables.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-by-step-configure-a-secure-baseline-iptables-firewall\"><strong>Step-by-Step: Configure a Secure Baseline iptables Firewall<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"1-identify-your-firewall-stack\"><strong>1) Identify Your Firewall Stack<\/strong><\/h3>\n\n\n\n<p>Check which backend you\u2019re using (legacy or nft) and list current rules so you can revert if needed.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo iptables --version\nsudo iptables -S\nsudo iptables -L -v -n\n# For IPv6:\nsudo ip6tables -L -v -n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"2-install-required-packages\"><strong>2) Install Required Packages<\/strong><\/h3>\n\n\n\n<p>Install the iptables tools and persistence utilities for your distro.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Debian\/Ubuntu\nsudo apt update\nsudo apt install -y iptables iptables-persistent netfilter-persistent\n\n# RHEL\/CentOS\/AlmaLinux\/Rocky (enable classic iptables services)\nsudo dnf install -y iptables iptables-services\n# (Optional) If <a href=\"https:\/\/www.youstable.com\/blog\/se-firewalld-on-linux\/\">Firewalld is enabled<\/a> and you prefer iptables, stop\/disable it:\n# sudo systemctl stop firewalld &amp;&amp; sudo systemctl <a href=\"https:\/\/www.youstable.com\/blog\/how-to-stop-and-disable-firewalld\/\">disable firewalld<\/a>\n# sudo systemctl enable iptables<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"3-start-with-a-clean-slate-optional-but-recommended\"><strong>3) Start with a Clean Slate (Optional but Recommended)<\/strong><\/h3>\n\n\n\n<p>Flush old rules and custom chains. Do this only if you understand the impact. Keep an SSH session open.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo iptables -F\nsudo iptables -X\nsudo iptables -t nat -F\nsudo iptables -t nat -X\nsudo iptables -t mangle -F\nsudo iptables -t mangle -X\n\n# IPv6 equivalent\nsudo ip6tables -F\nsudo ip6tables -X<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"4-add-baseline-allow-rules-first\"><strong>4) Add Baseline Allow Rules First<\/strong><\/h3>\n\n\n\n<p>Add rules that keep your current connection alive and allow local\/system traffic. Then set default policies to DROP. This order prevents accidental lockouts.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Accept all on loopback\nsudo iptables -A INPUT -i lo -j ACCEPT\nsudo iptables -A OUTPUT -o lo -j ACCEPT\n\n# Accept established\/related traffic (critical for SSH stability)\nsudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\nsudo iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n\n# Allow SSH (change 22 if you use a custom port)\nSSH_PORT=22\nsudo iptables -A INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -j ACCEPT\n\n# Allow HTTP\/HTTPS if it's a <a href=\"https:\/\/www.youstable.com\/blog\/install-apache-web-server-in-linux\/\">web server<\/a>\nsudo iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT\nsudo iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT\n\n# (Optional) Allow ping with rate limit\nsudo iptables -A INPUT -p icmp -m icmp --icmp-type echo-request -m limit --limit 1\/second -j ACCEPT\n\n# Drop invalid packets\nsudo iptables -A INPUT -m conntrack --ctstate INVALID -j DROP\n\n# Default policies: DROP unsolicited inbound and forward; allow outbound by default\nsudo iptables -P INPUT DROP\nsudo iptables -P FORWARD DROP\nsudo iptables -P OUTPUT ACCEPT<\/code><\/pre>\n\n\n\n<p>For IPv6, mirror the key rules using ip6tables:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ip6tables -A INPUT -i lo -j ACCEPT\nsudo ip6tables -A OUTPUT -o lo -j ACCEPT\nsudo ip6tables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\nsudo ip6tables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT\nsudo ip6tables -A INPUT -p ipv6-icmp -j ACCEPT\nsudo ip6tables -P INPUT DROP\nsudo ip6tables -P FORWARD DROP\nsudo ip6tables -P OUTPUT ACCEPT<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"5-open-additional-service-ports-as-needed\"><strong>5) Open Additional Service Ports (As Needed)<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>DNS (UDP\/TCP 53) for resolvers\/authoritative servers<\/li>\n\n\n\n<li>SMTP (25), Submission (587), IMAPS (993) for mail servers<\/li>\n\n\n\n<li>Database ports (restrict by source IP where possible)<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Examples:\n# Allow DNS\nsudo iptables -A INPUT -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT\nsudo iptables -A INPUT -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT\n\n# Allow Postgres only from a trusted app server\nsudo iptables -A INPUT -p tcp -s 203.0.113.10 --dport 5432 -m conntrack --ctstate NEW -j ACCEPT\n\n# Allow Redis only from localhost or private network\nsudo iptables -A INPUT -p tcp -s 127.0.0.1 --dport 6379 -j ACCEPT\nsudo iptables -A INPUT -p tcp -s 10.0.0.0\/8 --dport 6379 -j ACCEPT<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"6-add-logging-and-simple-abuse-protection-optional\"><strong>6) Add Logging and Simple Abuse Protection (Optional)<\/strong><\/h3>\n\n\n\n<p>Selective logging helps during audits without flooding syslog. Rate limits reduce brute-force noise.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Log (rate-limited) then drop everything else on INPUT\nsudo iptables -A INPUT -m limit --limit 5\/min -j LOG --log-prefix \"&#91;IPT INPUT DROP] \" --log-level 4\nsudo iptables -A INPUT -j DROP\n\n# Basic <a href=\"https:\/\/www.youstable.com\/blog\/what-is-fail2ban-on-linux-server\/\">SSH brute-force<\/a> throttle (e.g., 5 new connections\/min)\nsudo iptables -A INPUT -p tcp --dport $SSH_PORT -m state --state NEW -m recent --set\nsudo iptables -A INPUT -p tcp --dport $SSH_PORT -m state --state NEW -m recent --update --seconds 60 --hitcount 5 -j DROP<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"save-and-persist-iptables-rules\"><strong>Save and Persist iptables Rules<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"debian-ubuntu\"><strong>Debian\/Ubuntu<\/strong><\/h3>\n\n\n\n<p>Use iptables-persistent (netfilter-persistent) to save and auto-restore rules at boot.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo netfilter-persistent save\n# or\nsudo sh -c 'iptables-save &gt; \/etc\/iptables\/rules.v4'\nsudo sh -c 'ip6tables-save &gt; \/etc\/iptables\/rules.v6'\n\n# Test reload\nsudo netfilter-persistent reload\nsudo systemctl enable netfilter-persistent<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rhel-centos-almalinux-rocky\"><strong>RHEL\/CentOS\/AlmaLinux\/Rocky<\/strong><\/h3>\n\n\n\n<p>Use iptables-services to manage and persist rules with systemd.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl enable iptables\nsudo systemctl start iptables\n\n# Save current rules\nsudo service iptables save  # persists to \/etc\/sysconfig\/iptables\n\n# For IPv6 if using ip6tables-services\nsudo systemctl enable ip6tables\nsudo systemctl start ip6tables\nsudo service ip6tables save<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"validate-and-troubleshoot-your-firewall\"><strong>Validate and Troubleshoot Your Firewall<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>List rules with counters: <code>iptables -L -v -n<\/code><\/li>\n\n\n\n<li>Show raw syntax: <code>iptables -S<\/code><\/li>\n\n\n\n<li>Check logs: <code>journalctl -k | grep \"IPT INPUT DROP\"<\/code><\/li>\n\n\n\n<li>Port scan from a remote host: <code>nmap -Pn &lt;server_ip&gt;<\/code><\/li>\n\n\n\n<li>Test service reachability: curl, telnet, or nc on required ports<\/li>\n<\/ul>\n\n\n\n<p>If you\u2019re locked out, use your provider\u2019s console (VNC\/HTML5) to revert:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Flush and accept everything (emergency)\nsudo iptables -F\nsudo iptables -P INPUT ACCEPT\nsudo iptables -P FORWARD ACCEPT\nsudo iptables -P OUTPUT ACCEPT<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"reusable-baseline-script-ipv4\"><strong>Reusable Baseline Script (IPv4)<\/strong><\/h2>\n\n\n\n<p>Customize ports and allowed sources, run as root, then save\/persist.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/usr\/bin\/env bash\nset -e\nSSH_PORT=\"22\"\n\n# Flush\niptables -F\niptables -X\niptables -t nat -F\niptables -t mangle -F\n\n# Default ACCEPT while building\niptables -P INPUT ACCEPT\niptables -P FORWARD DROP\niptables -P OUTPUT ACCEPT\n\n# Allow loopback\niptables -A INPUT -i lo -j ACCEPT\niptables -A OUTPUT -o lo -j ACCEPT\n\n# Established\/related\niptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n\n# SSH\niptables -A INPUT -p tcp --dport \"$SSH_PORT\" -m conntrack --ctstate NEW -j ACCEPT\n\n# Web\niptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT\niptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT\n\n# ICMP (ping) rate-limited\niptables -A INPUT -p icmp -m icmp --icmp-type echo-request -m limit --limit 1\/second -j ACCEPT\n\n# Drop invalid\niptables -A INPUT -m conntrack --ctstate INVALID -j DROP\n\n# Final policy\niptables -P INPUT DROP\niptables -A INPUT -m limit --limit 5\/min -j LOG --log-prefix \"&#91;IPT DROP] \" --log-level 4\niptables -A INPUT -j DROP\n\necho \"Applied baseline iptables rules.\"<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"iptables-vs-ufw-vs-nftables\"><strong>iptables vs UFW vs nftables<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>iptables: Low-level, scriptable, ubiquitous. Excellent for VPS admins who want precise control.<\/li>\n\n\n\n<li>UFW: User-friendly wrapper on Ubuntu. Faster to start, fewer foot-guns, good for simple servers.<\/li>\n\n\n\n<li>nftables: Modern backend with improved performance and consistency. Recommended for new deployments if you\u2019re comfortable with its syntax.<\/li>\n<\/ul>\n\n\n\n<p>If you already use UFW or Firewalld, avoid running raw iptables and a wrapper simultaneously to prevent conflicts. Choose one approach.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"best-practices-pitfalls-and-hardening-tips\"><strong>Best Practices, Pitfalls, and Hardening Tips<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Apply allow rules before switching default policies to DROP.<\/li>\n\n\n\n<li>Restrict sensitive ports (databases, admin panels) by source IP.<\/li>\n\n\n\n<li>Mirror IPv4 rules for IPv6 to avoid unexpected exposure.<\/li>\n\n\n\n<li>Back up current rules with <code>iptables-save<\/code> before edits.<\/li>\n\n\n\n<li>Use connection limits and recent module for brute-force protection.<\/li>\n\n\n\n<li>Log drops with rate limits; otherwise logs can grow fast.<\/li>\n\n\n\n<li>Automate rule deployment (Ansible\/Shell) for consistency across servers.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-world-scenarios\"><strong>Real-World Scenarios<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Single-node WordPress host: Allow 22, 80, 443; restrict MySQL to localhost; log drops.<\/li>\n\n\n\n<li>App + DB split: App server allows outbound 5432 to DB; DB server allows inbound 5432 only from app IPs.<\/li>\n\n\n\n<li>Public API: Enforce 80\/443, rate-limit ICMP, and add Geo\/IP allowlists if required.<\/li>\n<\/ul>\n\n\n\n<p>By following these steps, you can confidently <a href=\"https:\/\/www.youstable.com\/blog\/configure-csf-firewall-on-linux\/\">configure and persist a secure iptables firewall on your Linux server<\/a>, reduce attack surface, and maintain stable access for legitimate services.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-iptables-setup-on-linux\"><strong>FAQs: iptables Setup on Linux<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765799333199\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"is-iptables-still-used-or-should-i-switch-to-nftables\"><strong>Is iptables still used, or should I switch to nftables?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>iptables is still widely used and supported. Many distros map iptables commands to the nftables backend (iptables-nft), so your workflow remains valid. If you\u2019re starting fresh and want a modern syntax and performance, nftables is an excellent choice\u2014but iptables remains production-ready.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765799338165\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-list-current-rules\"><strong><strong>How do I list current rules?<\/strong><\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use <code>iptables -L -v -n<\/code> for a human-readable view with counters, or <code>iptables -S<\/code> for the exact rule syntax. For IPv6, use <code>ip6tables -L -v -n<\/code>. These commands help you audit hits and confirm that your policies are applied correctly.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765799354481\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-open-a-port-in-iptables\"><strong>How do I open a port in iptables?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Append an allow rule to the INPUT chain. For example, to open TCP 8080: <code>iptables -A INPUT -p tcp --dport 8080 -m conntrack --ctstate NEW -j ACCEPT<\/code>. Save and persist the rules afterward using iptables-persistent (Debian\/Ubuntu) or iptables-services (RHEL-based).<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765799362397\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-can-i-make-iptables-rules-persistent-across-reboots\"><strong>How can I make iptables rules persistent across reboots?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>On Debian\/Ubuntu, <a href=\"https:\/\/www.youstable.com\/blog\/install-and-run-php-8-x-on-ubuntu-20-04\/\">install iptables-persistent and run<\/a> netfilter-persistent save. On RHEL-based systems, install <code>iptables-services<\/code> and run <code>service iptables save<\/code>. Confirm <code>systemctl enable<\/code> for the relevant service to load rules at boot.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765799371264\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"will-these-rules-block-outgoing-traffic\"><strong>Will these rules block outgoing traffic?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>In this guide, OUTPUT is set to ACCEPT by default, so outbound traffic is allowed. If you need egress control, change <code>iptables -P OUTPUT ACCEPT<\/code> to DROP and explicitly allow required destinations and ports (e.g., DNS 53, HTTP\/HTTPS for updates).<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>To set up iptables on a Linux server: install the iptables tools, add baseline allow rules (loopback, established\/related), permit SSH [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":15495,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"iawp_total_views":7,"footnotes":""},"categories":[350],"tags":[],"class_list":["post-13346","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Setup-IPTables-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13346","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=13346"}],"version-history":[{"count":5,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13346\/revisions"}],"predecessor-version":[{"id":15496,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13346\/revisions\/15496"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15495"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=13346"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=13346"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=13346"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}