iptables in Linux

iptables is a command-line tool used in Linux distributions to configure the kernel's netfilter packet-filtering firewall.

To start off with, there are three built-in chains in the default filter table that iptables uses:

INPUT chain – used to filter incoming packets (destined for this host)
OUTPUT chain – used to filter outgoing packets (generated by this host)
FORWARD chain – used to filter forwarded packets (routed through this host, between network interfaces).

Syntax:

iptables Examples:

iptables -A INPUT -s 192.168.0.1 -j DROP
# will drop all packets that come from IP 192.168.0.1

iptables -A INPUT -s IPADDRESS -p tcp -m tcp --dport 3306 -j ACCEPT
# will allow access to TCP port 3306 only from the mentioned IP address

List tables and chains:

iptables -L # will list all rules from all chains of the filter table

iptables -L -v # will list all rules from all chains of the filter table in verbose mode,
# also showing the packets and bytes that matched those rules
iptables -L -v --line-numbers # will show the above and also the rule numbers

iptables -L INPUT # will show all rules from the INPUT chain of the filter table

iptables -L -t nat # will show all rules from all chains of the nat table
iptables -t nat -L PREROUTING # will show all rules from the PREROUTING chain of the nat table

iptables -L -t mangle # will show all rules from all chains of the mangle table

Adding rules to chains:

iptables -A INPUT -s IPADDRESS -j ACCEPT
# will allow traffic from the mentioned source IP.

iptables -A
# will append the rule at the end of the rule list in the specified chain.
# If you want to insert a rule at a specific position in your chain, use -I instead.
# Rules are matched top to bottom, so position decides which rule wins.

iptables -A INPUT -p tcp --dport 22 -j DROP
# will drop all traffic to destination port 22 (our ssh port)

Deleting a rule from a chain:
To delete a rule from a chain you have two possibilities: delete it by its rule number, or delete it by repeating the syntax that was used when the rule was added:

iptables -D INPUT 10
# will delete rule 10 from the INPUT chain

iptables -D PREROUTING 10 -t nat
# will delete rule 10 from the PREROUTING chain of the nat table

iptables -D INPUT -s IPADDRESS -j ACCEPT
# will delete the rule that was added with iptables -A INPUT -s IPADDRESS -j ACCEPT

To delete all rules from all chains of the filter table you can also use:

iptables --flush
# same as -F; add -t <table> to flush another table. Note that flushing does not reset chain policies.
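The rules above only make sense as an ordered set: a DROP policy, a handful of scoped ACCEPTs in front of it, and -I rather than -A when a block must come before the ACCEPTs. The script below ties the "Adding rules" and "Deleting a rule" sections together. It is an added example, not part of the original post; the addresses are constructed placeholders, and the IPT variable is a convention of this example so the commands can be previewed with IPT=echo before they touch the kernel.

```shell
#!/bin/sh
# Added example (not from the original post): a minimal default-deny INPUT
# chain built from the rules discussed above. Set IPT=echo to print the
# commands instead of running them.
IPT="${IPT:-iptables}"
ADMIN_IP="${ADMIN_IP:-192.0.2.10}"          # constructed: host allowed to reach SSH
DB_CLIENT_IP="${DB_CLIENT_IP:-192.0.2.20}"  # constructed: host allowed to reach MySQL

apply_firewall() {
    # Open the policy first, then flush: flushing while the policy is already
    # DROP would cut the session this script is being run from.
    "$IPT" -P INPUT ACCEPT
    "$IPT" -F INPUT

    # Broad, cheap ACCEPTs go first because rules are matched top to bottom.
    "$IPT" -A INPUT -i lo -j ACCEPT
    "$IPT" -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # SSH only from the admin host, MySQL only from the DB client. With a DROP
    # policy behind them, a -s scoped ACCEPT really means "only this address".
    "$IPT" -A INPUT -s "$ADMIN_IP" -p tcp --dport 22 -j ACCEPT
    "$IPT" -A INPUT -s "$DB_CLIENT_IP" -p tcp -m tcp --dport 3306 -j ACCEPT

    # Log what is about to be dropped, rate-limited so the log cannot be flooded.
    "$IPT" -A INPUT -m limit --limit 5/min -j LOG --log-prefix "INPUT-DROP: "

    # Policy is consulted only after every rule above has failed to match.
    "$IPT" -P INPUT DROP
}

block_host() {
    # -I at position 1 puts the DROP ahead of every ACCEPT; -A would append it
    # after them, and the ACCEPTs would match first.
    "$IPT" -I INPUT 1 -s "$1" -j DROP
}

unblock_host() {
    # Delete by repeating the exact rule specification used when it was added.
    "$IPT" -D INPUT -s "$1" -j DROP
}

# sh firewall.sh preview   -> print the commands
# sudo sh firewall.sh apply -> run them
case "${1:-}" in
    apply)   apply_firewall ;;
    preview) IPT=echo; apply_firewall ;;
esac
```

Previewing with IPT=echo is worth doing before every apply: it shows the final rule order, and it is the order, not the individual rules, that decides whether the host ends up locked down or locked out.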

Saving iptables rules:

iptables-save
# writes the current rule set to stdout; redirect it to a file so it can be reloaded with iptables-restore