The first step you need to take is to specify where exactly in the chain you need to add a rule. Imagine, for example, that you want to disallow all traffic that has destination port 80, but you do want to allow all traffic coming from IP address 188.8.131.52. If you first create the rule that specifies the destination port and then create the rule for IP address 184.108.40.206, packets from 220.127.116.11 that have destination port 80 will be rejected as well. So, order does matter. When creating a rule, you can use the following options to specify where in the chain you want the rule to appear:
-A: Adds the rule to the end of the chain. -D: Deletes the rule from the chain. -R: Replaces a rule.
-I: Inserts the rule at a specific position. For example, use iptables -I INPUT 2 to place the rule on the second position in the INPUT chain.
Was this article helpful?