# Запретить доступ на 80 порт
iptables -A INPUT -p tcp --destination-port 80 -j DROP
# Запретить пинг
iptables -A INPUT -p icmp -j DROP
# Запретить IP
iptables -I INPUT -s 1.2.3.4 -j DROP
# Запретить исходящий трафик с IP 192.168.1.200
iptables -A OUTPUT -s 192.168.1.200 -j DROP
# Удалить правило запрета IP
iptables -D INPUT -s 1.2.3.4 -j DROP
# Вывести список правил
iptables -L -n -v --line-numbers
https://www.cyberciti.biz/faq/linux-iptables-drop/\\
https://serverfault.com/questions/592061/block-range-of-ip-addresses
Сделать правила постоянными (по умолчанию они живут до перезагрузки)
# In order to make your iptables rules persistent after reboot, install the iptables-persistent package using the apt package manager:
sudo apt install iptables-persistent
# Any currently erected iptables rules will be saved to the corresponding IPv4 and IPv6 files below:
/etc/iptables/rules.v4
/etc/iptables/rules.v6
# To update persistent iptables with new rules simply use iptables command to include new rules into your system.
# To make changes permanent after reboot run iptables-save command:
sudo iptables-save > /etc/iptables/rules.v4
# OR
sudo ip6tables-save > /etc/iptables/rules.v6
To remove persistent iptables rules simply open a relevant ''/etc/iptables/rules.v*'' file and delete lines containing all unwanted rules.
https://linuxconfig.org/how-to-make-iptables-rules-persistent-after-reboot-on-linux