Jtti: How does Ubuntu restrict access to specified ports and IPs?

In Ubuntu systems, firewall rules can be used to restrict access to specific ports and IPs. A commonly used firewall management tool is iptables. The following are the steps to use iptables to restrict access to specified ports and IPs:

Install iptables: If iptables is not installed on the system, you can use the following command to install it:

sudo apt-get update

sudo apt-get install iptables

Add rules: Use the following command to add firewall rules to restrict access to specific ports and IPs:

sudo iptables -A INPUT -p tcp --dport <port-number> -s <ip-address> -j DROP

Replace <port-number> with the port to be restricted and <ip-address> with the source IP address to be blocked. The above command drops TCP packets sent from the specified IP to the specified port, so requests from that IP to the port are denied.

If you need to restrict multiple ports or multiple IPs, you can use similar commands to add multiple rules. Note that after adding rules, you need to save them so that they remain in effect after a restart.

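Save rules: Use the following command to save the current iptables rules so that they will still take effect after restarting. The redirection to the file has to run as root as well, so the whole command is passed to a root shell:

sudo sh -c 'iptables-save > /etc/iptables/rules.v4'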

Restoring rules: If you need to delete or modify rules, you can edit the /etc/iptables/rules.v4 file and then reload the rules using the following command:

sudo sh -c 'iptables-restore < /etc/iptables/rules.v4'

Please note that using iptables may affect the network communication of the system, so it is recommended to back up the original rules before making changes and to make sure you understand the impact of the rules and the risks of the operation. In addition, iptables is gradually being replaced by nftables in Ubuntu 18.04 and later versions. You can also consider using nftables for firewall management.
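For the multiple-port, multiple-IP case described above, here is an added example that is not part of the original article: a POSIX shell function that turns a list of port and source-IP pairs into an iptables-restore fragment, validating every entry before emitting anything. The input format, the function names and the sample addresses are assumptions, and it uses -I rather than -A so the DROP rules are evaluated before any existing ACCEPT rule.

```shell
#!/bin/sh
# Added example (not from the original article).
# Input on stdin, one "<port> <source>" pair per line, e.g. (constructed sample):
#   22   203.0.113.7
#   3306 198.51.100.0/24

# valid_ipv4 ADDR[/PREFIX]: succeed only for a dotted quad with optional 0-32 prefix.
valid_ipv4() {
    addr=${1%/*}
    if [ "$addr" != "$1" ]; then
        prefix=${1#*/}
        case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
        [ "$prefix" -le 32 ] 2>/dev/null || return 1
    fi
    case "$addr" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# gen_block_rules: validate every line first, then print the whole fragment,
# so one bad entry never yields a partial ruleset.
gen_block_rules() {
    rules=''
    nl='
'
    while read -r port src; do
        case "$port" in ''|\#*) continue ;; esac      # blank line or comment
        case "$port" in *[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
        { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } 2>/dev/null ||
            { echo "bad port: $port" >&2; return 1; }
        # Anything but a plain address is rejected, so a list entry cannot
        # smuggle extra iptables options into the generated rule.
        valid_ipv4 "$src" || { echo "bad source: $src" >&2; return 1; }
        # -I places the DROP ahead of existing rules; with -A an earlier
        # ACCEPT for the same traffic would match first.
        rules="${rules}-I INPUT -p tcp -s ${src} --dport ${port} -j DROP${nl}"
    done
    printf '*filter\n%sCOMMIT\n' "$rules"
}
```

Pipe the output into `sudo iptables-restore --noflush --test` to parse it without committing, then drop `--test` to apply it; `--noflush` keeps the rules that are already loaded.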

Origin blog.csdn.net/JttiSEO/article/details/132342108