linux下开启防火墙命令行

`sudo service iptables start`

`sudo service iptables stop`

`sudo service iptables restart`

`sudo service iptables status`

```

sudo iptables -A INPUT -s IP_ADDRESS -p tcp --dport PORT_NUMBER -j ACCEPT

```

```

sudo iptables -A INPUT -s TRUSTED_IP_ADDRESS -p tcp --dport REMOTE_SERVICE_PORT -m state --state NEW,ESTABLISHED -j ACCEPT

sudo iptables -A OUTPUT -d TRUSTED_IP_ADDRESS -p tcp --sport REMOTE_SERVICE_PORT -m state --state ESTABLISHED -j ACCEPT

```

```

sudo iptables -P INPUT DROP

sudo iptables -P FORWARD DROP

```