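# iptables quick reference. Each command below stands on its own; this is a
# cheat sheet, not a script meant to be run top to bottom.
# General caveats:
#   - iptables only covers IPv4; the same policy needs ip6tables rules to hold
#     on IPv6.
#   - Rules added here live in the running kernel only and are gone after a
#     reboot unless they are saved (e.g. with iptables-save) and restored.

# Block outgoing traffic matching a string.
# The string match inspects each packet's payload on its own. On TCP/443 the
# hostname is normally only visible in clear text in the TLS ClientHello (SNI),
# so this drops the handshake packet rather than "the connection". It does not
# match when the name is split across segments or hidden (e.g. Encrypted
# Client Hello), and it does not cover HTTP/3, which uses UDP/443.
sudo iptables -I OUTPUT -p tcp --dport 443 -m string --string "dujrsrsgsd3nh.cloudfront.net" --algo kmp -j DROP
# NOTE(review): on INPUT, --dport 443 matches packets addressed to local port
# 443 (a local HTTPS service). Replies from a remote HTTPS server arrive with
# source port 443, so this rule does not see them. Confirm which was intended.
sudo iptables -I INPUT -p tcp --dport 443 -m string --string "dujrsrsgsd3nh.cloudfront.net" --algo kmp -j REJECT

# List all iptables rules with line numbers.
# Without -t only the filter table is shown. Adding -n skips reverse DNS
# lookups and -v shows the packet/byte counters, which is how to check that a
# rule is being hit at all.
sudo iptables -L --line-numbers

# Delete a specific rule by chain and line number.
# Numbers are per chain and shift after every insert or delete, so list the
# chain immediately before deleting to avoid removing the wrong rule.
sudo iptables -D OUTPUT 1

# Allow established connections.
# Uses the conntrack match; "-m state --state" is the older spelling of the
# same test. -A appends to the end of the chain, so the rule only takes effect
# if no earlier rule has already dropped or rejected the packet.
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Allow connections from subnet 10.0.0.0/24 to a certain port.
# -I without a position inserts at the top of INPUT, ahead of every existing
# rule, including any DROP/REJECT rules. The source address is the only
# check, so this trusts every host on that subnet.
sudo iptables -I INPUT -p tcp -s 10.0.0.0/24 --dport 6556 -j ACCEPT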