In short: no, the only way to update an iptables rule is to replace it (iptables -R ...) or to delete it and add a new one with the updated IP address (iptables -D ... followed by iptables -A ...).
This blog post discusses the issue and sketches a solution.
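The replace path described in the answer above, as an added example that is not part of the original answer: a helper that reads `iptables -S` output, finds the rule matching the old source address, and prints the matching `iptables -R` command without applying it. The function name `replace_cmd` and the sample rules and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original answer). Prints the command only;
# nothing is changed until the printed line is run as root.

# replace_cmd CHAIN OLD_IP NEW_IP   (hypothetical helper name)
# Reads `iptables -S CHAIN` output on stdin and prints the iptables -R
# command that swaps OLD_IP for NEW_IP. Exits 1 if no rule matches.
replace_cmd() {
    chain=$1 old=$2 new=$3
    awk -v chain="$chain" -v old="$old" -v new="$new" '
        $1 == "-A" && $2 == chain {
            n++    # rule numbers count only the -A lines, starting at 1
            for (i = 3; i < NF; i++) {
                # iptables -S prints single hosts with a /32 suffix
                if ($i == "-s" && ($(i+1) == old || $(i+1) == old "/32")) {
                    $(i+1) = new
                    $1 = "-R"; $2 = chain " " n
                    print "iptables " $0
                    found = 1
                    exit
                }
            }
        }
        END { exit found ? 0 : 1 }
    '
}

# Constructed sample of `iptables -S INPUT` output (documentation addresses).
SAMPLE_RULES='-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 198.51.100.7/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'

printf '%s\n' "$SAMPLE_RULES" | replace_cmd INPUT 198.51.100.7 203.0.113.9
# Live use (as root): iptables -S INPUT | replace_cmd INPUT "$OLD" "$NEW"
```

Replacing in place with -R keeps the rule at the same position in the chain, which matters when later rules depend on ordering; the delete-and-append alternative moves it to the end.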
It is fantastic that you are interested in iptables.
As you can see, however, there is a bit of a learning curve.
The basics are:
All services listen on ports. One analogy would be an apartment complex: your ports are analogous to apartment numbers.
Common ports are:
FTP - 21
SSH - 22
Apache - HTTP 80; HTTPS 443
You can get a complete list of ports from a Google search or /etc/services.
This might help as well:
https://help.ubuntu.com/10.04/serverguide/C/index.html
From there, enter iptables. As a firewall, iptables is one way of limiting access.
Basically you have 3 broad options.
Public servers, i.e. apache. Here you will allow all traffic and blacklist bad-acting IPs (spammers).
Private servers, i.e. ssh. Here you will deny all traffic and whitelist authorized connections.
Limit. You may allow ping, but only at a certain rate.
If you are new to iptables, you may wish to start with ufw. ufw is a command line front end to iptables and is easier to learn. The syntax is very similar to iptables so it is easy to transition from ufw to iptables.
See:
https://help.ubuntu.com/community/UFW
https://help.ubuntu.com/community/IptablesHowTo
That information should get you started. If you have a problem, feel free to ask a more specific question.
I also have an introductory page to iptables if you like. I have maintained it over the years with feedback from people new to iptables; hope it helps.
http://bodhizazen.com/Tutorials/iptables
Best Answer
This is the default behavior.
You may want to take a look at the package iptables-persistent to automatically set iptables rules at startup from a configuration file.