Introductory iptables (Linux Firewall)

Iptables is a program that allows an administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. Different kernel modules and programs are currently used for different protocols; iptables applies to IPv4, ip6tables to IPv6, arptables to ARP, and ebtables to Ethernet frames.

iptables requires elevated privileges to operate and must be run as root; otherwise it fails to function. On most Linux systems, iptables is installed as /usr/sbin/iptables and documented in its man page, which can be opened with man iptables where the manual pages are installed. It may also be found in /sbin/iptables, but since iptables is more like a service than an "essential binary", the preferred location remains /usr/sbin.

More at: http://en.wikipedia.org/wiki/Iptables

Example Usage (run as root)

Show all iptables rules (the default filter table):

iptables -L

Remove a rule from the INPUT chain, where 5 is the rule's position number in that chain:

iptables -D INPUT 5

The following adds three entries to the INPUT chain. The first allows inbound TCP traffic on port 80. The second allows inbound TCP traffic on port 443. The last is a deny-all: it drops any traffic that has not matched an earlier rule in the chain. This deny-all must be last; if it isn't, delete it and add it back so it appears last.

iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -P INPUT DROP

The deny-all above must appear last in the chain. Rules are processed in order, so any ACCEPT rule placed after a rule that drops everything is never reached and is effectively ignored.
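Added example, not part of the original post: a small POSIX shell script that prints (and, as root, applies) a minimal INPUT policy in the order described above, and a text-only check that reads output in the form of iptables -S INPUT and flags any rule sitting after an unconditional DROP or REJECT, since such rules can never match. The sample ruleset at the bottom is constructed for illustration; only apply_ruleset needs the iptables binary and root, the check runs on plain text anywhere.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes the iptables binary and
# root privileges only for apply_ruleset; shadowed_rules works on text alone.

# Print the commands of a minimal inbound policy, in the order they must run:
# loopback and already-established traffic first, then the services, and the
# default policy last (it only applies to packets no rule matched).
ruleset_commands() {
    cat <<'EOF'
iptables -F INPUT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -P INPUT DROP
EOF
}

# Run the ruleset for real (needs root); returns non-zero on the first failure.
apply_ruleset() {
    while IFS= read -r cmd; do
        $cmd || return 1
    done <<EOF
$(ruleset_commands)
EOF
}

# Read "iptables -S <chain>" style output on stdin and report every rule that
# comes after a rule with no match criteria and a terminating target, e.g.
# "-A INPUT -j DROP". Returns 0 when nothing is shadowed, 1 otherwise.
# Rule numbers are counted the way "iptables -D <chain> <num>" expects them,
# i.e. the "-P" policy line is not a rule.
shadowed_rules() {
    awk '
        /^-P / { next }
        /^-A / {
            n++
            if (blocked) { print "rule " n " unreachable: " $0; bad = 1 }
            if (NF == 4 && ($4 == "DROP" || $4 == "REJECT")) blocked = 1
        }
        END { if (bad) exit 1; exit 0 }
    '
}

# Constructed sample (not taken from a real host): the catch-all DROP was
# appended before the 443 rule, so the 443 rule is dead.
SAMPLE_RULES='-P INPUT DROP
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp --dport 443 -j ACCEPT'

if printf '%s\n' "$SAMPLE_RULES" | shadowed_rules; then
    echo "no shadowed rules"
else
    echo "fix: iptables -D INPUT 2, then re-append the DROP after the 443 rule"
fi
```

On a live host the check is run as root with iptables -S INPUT | shadowed_rules; a non-zero exit means at least one ACCEPT was added after the deny-all and the chain needs the delete-and-re-add step described above.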


Additional Resources

Ubuntu iptables howto:
https://help.ubuntu.com/community/IptablesHowTo

CentOS iptables howto:
http://wiki.centos.org/HowTos/Network/IPTables
