{"id":13614,"date":"2026-03-11T10:58:29","date_gmt":"2026-03-11T05:28:29","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=13614"},"modified":"2026-03-11T10:58:41","modified_gmt":"2026-03-11T05:28:41","slug":"fix-iptables-on-linux-server","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/fix-iptables-on-linux-server","title":{"rendered":"How to Fix IPTables on Linux Server in 2026? &#8211; Easy Guide"},"content":{"rendered":"\n<p><strong>To fix iptables on a Linux server<\/strong>, connect via console, identify your firewall stack (iptables-legacy, iptables-nft, firewalld, or UFW), list and back up current rules, set safe default policies, allow essential ports <strong>(SSH\/HTTP\/HTTPS)<\/strong>, flush or correct bad rules, save and make rules persistent, then verify connectivity and logs.<\/p>\n\n\n\n<p>If your server is unreachable or services are failing, a misconfigured firewall is often the culprit. This guide explains how to fix iptables on a Linux server step by step, whether <strong>you\u2019re on Ubuntu\/Debian, CentOS\/RHEL\/AlmaLinux<\/strong>, or derivatives. <\/p>\n\n\n\n<p>You\u2019ll learn safe recovery steps, how to diagnose issues, and how to make fixes persistent.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-iptables-and-why-it-breaks\">What is IPTables and Why it Breaks?<\/h2>\n\n\n\n<p><a href=\"https:\/\/www.youstable.com\/blog\/configure-iptables-on-linux\/\">IPTables is the user space tool for Linux\u2019s<\/a> Netfilter firewall. It filters traffic using tables (filter, nat, mangle, raw) and chains <strong>(INPUT, FORWARD, OUTPUT)<\/strong>. <\/p>\n\n\n\n<figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"533\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-87.png\" alt=\"Fix IPTables on Linux Server\" class=\"wp-image-14142\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-87.png 800w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-87-150x100.png 150w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure>\n\n\n\n<p>Problems usually come from wrong default policies, missing allow rules, incorrect NAT\/forwarding, or conflicts with front ends like UFW and firewalld.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"quick-fix-checklist-use-console-kvm-if-locked-out\">Quick Fix Checklist (Use Console\/KVM If Locked Out)<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.youstable.com\/blog\/how-to-connect-to-server-via-ssh\/\">Connect via out of band console <strong>(KVM\/IPMI\/Virtual Console)<\/strong> to avoid SSH<\/a> lockouts.<\/li>\n\n\n\n<li>Detect firewall stack: iptables legacy vs iptables-nft, firewalld, or UFW.<\/li>\n\n\n\n<li>List and backup rules with iptables save.<\/li>\n\n\n\n<li>Set default policies to ACCEPT temporarily, allow SSH, then apply minimal rules.<\/li>\n\n\n\n<li>Validate connectivity, then tighten rules gradually.<\/li>\n\n\n\n<li>Save and enable persistence.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-1-identify-your-firewall-stack\">Step 1: Identify Your Firewall Stack<\/h3>\n\n\n\n<p>Modern distros often ship iptables as a compatibility shim for nftables (called iptables-nft). Others use firewalld (RHEL-based) or UFW (Ubuntu). You must know what you\u2019re fixing.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Check which iptables backend\nupdate-alternatives --display iptables 2&gt;\/dev\/null\niptables --version\n\n# Detect firewalld or UFW\nsystemctl is-active firewalld\nufw status 2&gt;&amp;1 | head -n1\n\n# Show nftables (if in use)\nnft list ruleset<\/code><\/pre>\n\n\n\n<p>If firewalld or UFW is active, prefer fixing via those tools, not raw iptables, to avoid conflicts.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-2-list-and-backup-current-rules\">Step 2: List and Backup Current Rules<\/h3>\n\n\n\n<p>Before changing anything, snapshot the current firewall. This gives you a rollback if needed.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Human-readable listing\niptables -L -n -v --line-numbers\niptables -S\n\n# Save to file (backup)\niptables-save &gt; \/root\/iptables-$(date +%F-%H%M).rules<\/code><\/pre>\n\n\n\n<p>If you use IPv6, repeat with ip6tables commands.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-3-recover-access-safely\">Step 3: Recover Access Safely<\/h3>\n\n\n\n<p>Always ensure you have console access. If you\u2019re remote over SSH, use a safety window by permitting SSH first and applying a timed rollback via at or sleep in another session if needed.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Temporarily set permissive defaults\niptables -P INPUT ACCEPT\niptables -P FORWARD ACCEPT\niptables -P OUTPUT ACCEPT\n\n# Flush rules and non-default chains\niptables -F\niptables -X\niptables -t nat -F\niptables -t mangle -F\n\n# Allow essential traffic explicitly before tightening\niptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\niptables -A INPUT -p tcp --dport 22 -j ACCEPT   # SSH\niptables -A INPUT -p tcp --dport 80 -j ACCEPT   # HTTP\niptables -A INPUT -p tcp --dport 443 -j ACCEPT  # HTTPS\niptables -A INPUT -i lo -j ACCEPT               # Loopback\niptables -A INPUT -p icmp -j ACCEPT             # Ping (optional)\niptables -A INPUT -j DROP                       # Default deny<\/code><\/pre>\n\n\n\n<p>Confirm you can reconnect via SSH before closing your session. Then proceed to adjust service specific ports.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-4-fix-common-iptables-problems\">Step 4: Fix Common IPTables Problems<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"problem-locked-out-of-ssh\">Problem: Locked Out of SSH<\/h4>\n\n\n\n<p>Ensure an allow rule for port 22 (or your custom SSH port). If you use a non-standard port, adjust accordingly and consider rate limiting to reduce brute force attacks.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># If SSH runs on 2222\niptables -A INPUT -p tcp --dport 2222 -m conntrack --ctstate NEW -j ACCEPT\n\n# Simple rate limiting example\niptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set\niptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"problem-website-or-api-not-reachable\">Problem: Website or API Not Reachable<\/h4>\n\n\n\n<p>Open HTTP\/HTTPS and check that your web server is listening. Sometimes OUTPUT rules block egress (for fetching packages, APIs, or OCSP).<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow inbound web\niptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT\n\n# Verify process listening\nss -tulpn | grep -E ':(80|443)\\s'<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"problem-database-or-internal-service-blocks\">Problem: Database or Internal Service Blocks<\/h4>\n\n\n\n<p>For <a href=\"https:\/\/www.youstable.com\/blog\/mysql-commands\">MySQL<\/a> (3306), PostgreSQL (5432), Redis (6379), etc., only allow trusted IPs. Opening databases publicly is risky.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow MySQL from a trusted app server\niptables -A INPUT -p tcp -s 203.0.113.10 --dport 3306 -j ACCEPT<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"problem-nat-or-port-forwarding-not-working\">Problem: NAT or Port Forwarding Not Working<\/h4>\n\n\n\n<p>For NAT\/forwarding (gateways, Kubernetes, VPNs), you need correct nat table rules and IP forwarding enabled.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Enable forwarding at runtime and persist\nsysctl -w net.ipv4.ip_forward=1\necho 'net.ipv4.ip_forward = 1' &gt;&gt; \/etc\/sysctl.conf\n\n# Masquerade outbound via eth0\niptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\n\n# Port forward 8080 on WAN to 10.0.0.10:80\niptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j DNAT --to-destination 10.0.0.10:80\niptables -A FORWARD -p tcp -d 10.0.0.10 --dport 80 -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT\niptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-5-set-default-policies-correctly\">Step 5: Set Default Policies Correctly<\/h3>\n\n\n\n<p>A secure baseline is DROP on INPUT and FORWARD, ACCEPT on OUTPUT, with explicit allows. Many outages happen because default policy is DROP but required services aren\u2019t whitelisted.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables -P INPUT DROP\niptables -P FORWARD DROP\niptables -P OUTPUT ACCEPT<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-6-make-rules-persistent\">Step 6: Make Rules Persistent<\/h3>\n\n\n\n<p>Rules set with iptables are not persistent across reboots unless saved. Method depends on the distro.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ubuntu-debian-iptables-persistent\">Ubuntu\/Debian (iptables-persistent)<\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>apt update &amp;&amp; apt install -y iptables-persistent\n# Save IPv4 and IPv6\niptables-save &gt; \/etc\/iptables\/rules.v4\nip6tables-save &gt; \/etc\/iptables\/rules.v6\nsystemctl enable netfilter-persistent\nsystemctl restart netfilter-persistent<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rhel-centos-almalinux-iptables-services\">RHEL\/CentOS\/AlmaLinux (iptables-services)<\/h4>\n\n\n\n<p>On RHEL 7\/8\/9, firewalld is default. If you prefer raw iptables, install iptables services and <a href=\"https:\/\/www.youstable.com\/blog\/how-to-stop-and-disable-firewalld\/\">disable firewalld<\/a> to avoid conflicts.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code><a href=\"https:\/\/www.youstable.com\/blog\/install-yum-on-linux\">yum install<\/a> -y iptables-services\nsystemctl stop firewalld &amp;&amp; systemctl disable firewalld\nsystemctl enable iptables\nsystemctl start iptables\n# Save current rules\nservice iptables save   # or: iptables-save &gt; \/etc\/sysconfig\/iptables<\/code><\/pre>\n\n\n\n<p class=\"has-ast-global-color-1-background-color has-background\"><strong>Also Read: <a href=\"https:\/\/www.youstable.com\/blog\/fix-ftp-on-linux\">Fix FTP on Linux Server &#8211; Passive Mode, TLS, &amp; SELinux<\/a><\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"working-with-firewalld-and-ufw\">Working With firewalld and UFW<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"firewalld-rhel-centos-almalinux\">firewalld (RHEL, CentOS, AlmaLinux)<\/h3>\n\n\n\n<p>firewalld is a higher level controller over nftables. Use it unless you have a specific need for raw iptables.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Open common services\nfirewall-cmd --permanent --add-service=ssh\nfirewall-cmd --permanent --add-service=http\nfirewall-cmd --permanent --add-service=https\n\n# Open a custom port\nfirewall-cmd --permanent --add-port=2222\/tcp\n\n# Apply changes and verify\nfirewall-cmd --reload\nfirewall-cmd --list-all<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ufw-ubuntu\">UFW (Ubuntu)<\/h3>\n\n\n\n<p>UFW simplifies firewall management. It manages iptables under the hood. Keep <a href=\"https:\/\/www.youstable.com\/blog\/how-to-enable-ssh-access-for-clients-or-users\/\">SSH open before enabling<\/a>.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ufw allow OpenSSH\nufw allow 80\/tcp\nufw allow 443\/tcp\nufw enable\nufw status verbose<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"advanced-iptables-vs-nftables-and-back-ends\">Advanced: iptables vs nftables and Back Ends<\/h2>\n\n\n\n<p>Many modern kernels use nftables. Distributions map iptables commands to nftables via the iptables-nft back-end. If you see unexpected behavior, confirm whether you\u2019re using iptables legacy or iptables-nft and keep the stack consistent system wide.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Switch backend on Debian\/Ubuntu if needed (requires installed alternatives)\nupdate-alternatives --config iptables\nupdate-alternatives --config ip6tables\n\n# Inspect nft ruleset directly\nnft list ruleset<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"troubleshooting-techniques-that-save-hours\">Troubleshooting Techniques That Save Hours<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Check counters: iptables -L -n -v to see which rule matches (packet\/byte counts).<\/li>\n\n\n\n<li>Test from another host: curl -I http:\/\/server, nc -zv server 80,443.<\/li>\n\n\n\n<li>Verify listeners: ss -tulpn to ensure services bind to the correct IP.<\/li>\n\n\n\n<li>Inspect logs: dmesg and journalctl -k for dropped packets (LOG target helps).<\/li>\n\n\n\n<li>Avoid double-management: don\u2019t run UFW and firewalld simultaneously, or raw iptables with them unless you know precedence.<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Example logging rule before DROP\niptables -A INPUT -m limit --limit 10\/min -j LOG --log-prefix \"IPT DROP: \" --log-level 4\niptables -A INPUT -j DROP<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"safe-baseline-ruleset-ipv4\">Safe Baseline Ruleset (IPv4)<\/h2>\n\n\n\n<p>Use this compact baseline, then add service specific rules. Adapt SSH port and interfaces as needed.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Flush\niptables -F\niptables -X\niptables -t nat -F\niptables -t mangle -F\n\n# Policies\niptables -P INPUT DROP\niptables -P FORWARD DROP\niptables -P OUTPUT ACCEPT\n\n# Allow loopback\niptables -A INPUT -i lo -j ACCEPT\n\n# Allow established\/related\niptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n\n# SSH\/HTTP\/HTTPS\niptables -A INPUT -p tcp --dport 22 -j ACCEPT\niptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT\n\n# Optional: ping\niptables -A INPUT -p icmp -j ACCEPT\n\n# Log and drop everything else (optional log)\n# iptables -A INPUT -m limit --limit 10\/min -j LOG --log-prefix \"DROP: \" --log-level 4\niptables -A INPUT -j DROP<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"best-practices-to-prevent-future-breakage\">Best Practices to Prevent Future Breakage<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Always keep console access when changing firewall rules on remote servers.<\/li>\n\n\n\n<li>Back up with iptables save before edits; use version control for rule files.<\/li>\n\n\n\n<li>Apply changes incrementally and test from a separate host.<\/li>\n\n\n\n<li>Prefer services and zones (firewalld) or UFW profiles for simplicity.<\/li>\n\n\n\n<li>Document non standard ports and peer IPs (<a href=\"https:\/\/www.youstable.com\/blog\/best-vpn-for-multiple-devices\">VPNs<\/a>, DB clients, monitoring).<\/li>\n\n\n\n<li>Automate with configuration management (Ansible, Salt, Puppet) to avoid drift.<\/li>\n\n\n\n<li>Plan migration to nftables if your distro is moving away from legacy iptables.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"when-you-need-expert-help\">When You Need Expert Help<\/h2>\n\n\n\n<p>If you manage production environments or multi tenant servers, a small firewall mistake can cause major downtime. <strong><a href=\"https:\/\/www.youstable.com\/linux-vps-hosting\">YouStable\u2019s managed Linux hosting<\/a><\/strong> and server management can audit your firewall, harden iptables or firewalld, and implement safe, persistent rules, so you can focus on your applications. Ask our team for a security first review tailored to your stack.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs\">FAQs<\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765879277735\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-quickly-reset-iptables-to-allow-all-traffic\">How do I quickly reset iptables to allow all traffic?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use permissive policies and flush rules, then re-allow SSH and essential services. Run: iptables -P INPUT ACCEPT; iptables -P FORWARD ACCEPT; iptables -P OUTPUT ACCEPT; iptables -F. This is only for recovery. Re-apply a secure ruleset and make it persistent once access is restored.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765879287794\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"why-do-my-iptables-changes-disappear-after-reboot\">Why do my iptables changes disappear after reboot?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Iptables rules are not persistent by default. On Debian\/Ubuntu, install iptables-persistent (netfilter-persistent) and save to \/etc\/iptables\/rules.v4 and rules.v6. On RHEL-based systems, use iptables-services and save to \/etc\/sysconfig\/iptables. With firewalld or UFW, rules are persistent through their own tooling.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765879295907\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"should-i-use-iptables-or-nftables\">Should I use iptables or nftables?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>nftables is the modern backend with cleaner semantics and better performance. Many distros map iptables to nftables (iptables-nft). If starting fresh, consider using nftables or firewalld\/UFW. If you have legacy automation around iptables, maintain consistency and plan a gradual migration.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765879304433\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-can-i-check-which-rule-is-blocking-my-traffic\">How can I check which rule is blocking my traffic?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Run iptables -L -n -v to inspect packet counters per rule, add a LOG rule before DROP to see hits in journalctl -k, and test from a client using curl or nc. Narrow down the chain (INPUT\/FORWARD\/OUTPUT) and table (filter\/nat) involved in your traffic path.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765879312928\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"what-ports-should-i-always-allow-on-a-web-server\">What ports should I always allow on a web server?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p><strong>At minimum:<\/strong> SSH (your chosen port), HTTP (80), and HTTPS (443). Add DNS (53) if the server runs a resolver, and any application ports (e.g., 8080, 9000) as required. Restrict database ports (3306, 5432) to trusted IPs, not the public internet, and allow loopback traffic.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>To fix iptables on a Linux server, connect via console, identify your firewall stack (iptables-legacy, iptables-nft, firewalld, or UFW), list [&hellip;]<\/p>\n","protected":false},"author":21,"featured_media":19064,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350],"tags":[],"class_list":["post-13614","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Fix-IPTables-on-Linux-Server.jpg","author_info":{"display_name":"Sanjeet Chauhan","author_link":"https:\/\/www.youstable.com\/blog\/author\/sanjeet"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13614","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=13614"}],"version-history":[{"count":6,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13614\/revisions"}],"predecessor-version":[{"id":19436,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13614\/revisions\/19436"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/19064"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=13614"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=13614"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=13614"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}