How do you block new incoming tcp connections on X port?

networking firewall iptables

If you want to block attempts to establish new sessions to a given port, but still allow packets to established sessions through, you'd need to do something like:

iptables -A INPUT -j DROP -p tcp --syn --destination-port dport

This should allow any connection initiated from the local machine, that happens to use dport as its local port number.


this should block the traffic without involving conn_track:

iptables -A INPUT -j DROP -p tcp --destination-port <your port>

connection tracking should only do its job when you specify -m state or --state in your rules.

Related

/var/lib/kubelet/pki/kubelet.crt is expired, How to renew it?
IPv6 Neighbor Discovery/Routing Failing for Kernel 3.10
MYSQL is at 197% CPU usage ~ not allowing site to run
Interpreting flags in AIDE daily report
max iSCSI initiator session
Why do I get DMARC aggregate reports with no reported failures (G Suite + Amazon SES)?
Why does Viridian keep saying "...oh, I've already found this"?
What are all the different weapon colours and their meanings?
Can I use my own music instead of the in game radio stations?
Do alien squads alert each other?
How to delete my XCom Saves?
Can I run an SNES emulator without it having input focus?