Linux firewalls filter packets using netfilter. Frontends:
iptables (legacy view):
sudo iptables -L -n -v
sudo iptables -S
nftables:
sudo nft list ruleset
iptables:
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
nft (conceptual):
sudo nft add rule inet filter input tcp dport 22 accept
Depends on distro/tooling:
nftables service (loads /etc/nftables.conf)iptables-persistent (Debian/Ubuntu)