Changes


OPS235 Lab 6 - CentOS7 - SSD

No change in size, 08:10, 16 June 2016
no edit summary
After the overall default policy is set, you can create policy rules that are "exceptions" to the default policy rules. The <b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em5em;">-j</span></code></b> option is used to redirect (jump) packets to actions (ACCEPT, REJECT, DROP, LOG) if the packet matches that policy rule. The option <b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em;">-p</span></code></b> indicates the protocol used (e.g. tcp, udp, icmp). The options <b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em5em;">--dport</span></code></b> or <b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em5em;">--sport</span></code></b> indicate the "destination communication port" or "source communication port" respectively. The option <b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em5em;">-A</span></code></b> is used to append the policy rule to the <u>bottom</u> of the chain. The option <b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em5em;">-I</span></code></b> is used to insert a policy rule before an existing policy line number (if used with no number, it inserts the rule at the <u>top</u> of the chain).
'''Examples:'''
You can also set exceptions to the default policy for specific IP addresses by using the options <b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em5em;">-d IPADDR</span></code></b> or <b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em5em;">-s IPADDR</span></code></b>.
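The options described above combined into one INPUT rule set, as an added example that is not part of the lab page. It shows why placement with -A versus -I matters when the first matching rule wins. The addresses (from the 192.0.2.0/24 documentation range), the ports and the helper names `ipt` and `lab_rules` are assumptions; the commands are only printed unless APPLY=1 is set.

```shell
#!/bin/bash
# Added example, not from the lab page. Addresses are constructed
# (192.0.2.0/24 is a documentation range); ports are illustrative.
# Dry run by default: commands are printed so they can be reviewed.
# Set APPLY=1 and run as root to apply them. Do that from the console,
# not over SSH: the DROP policy takes effect before the ACCEPT rules.

ipt() {
    if [ "${APPLY:-0}" = "1" ]; then
        iptables "$@"
    else
        echo "iptables $*"
    fi
}

lab_rules() {
    # Default policy: drop inbound packets that match no rule below.
    ipt -P INPUT DROP

    # Exceptions appended (-A) to the bottom of the INPUT chain.
    ipt -A INPUT -p tcp --dport 22 -j ACCEPT     # inbound SSH
    ipt -A INPUT -p icmp -j ACCEPT               # ping and other ICMP
    # DNS replies: source port 53, and only from one resolver (-s),
    # because any sender can choose source port 53.
    ipt -A INPUT -p udp -s 192.0.2.53 --sport 53 -j ACCEPT

    # Rules are checked top to bottom and the first match wins, so a
    # rule blocking one host must sit above the SSH ACCEPT rule.
    # -I with no line number inserts at the top of the chain.
    ipt -I INPUT -s 192.0.2.50 -p tcp --dport 22 -j DROP

    # -I with a line number inserts before that line. The SSH ACCEPT
    # rule is now line 2, so this LOG rule lands just ahead of it.
    # LOG does not end processing; the packet goes on to the ACCEPT.
    ipt -I INPUT 2 -p tcp --dport 22 -j LOG
}

lab_rules
```

After applying, `iptables -L INPUT --line-numbers` shows the resulting order: the host DROP at line 1, LOG at line 2, then the three appended ACCEPT rules.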