IPtables EN

iptables is a utility for configuring IP packet filter rules in the Linux kernel firewall, allowing users to set up and maintain rules for incoming and outgoing traffic. The document outlines basic syntax, examples of rules, key concepts of chains, and methods for making rules persistent, logging traffic, and managing rules. It also provides commands for listing, flushing, deleting, inserting, replacing, and checking rules, as well as saving and restoring them.

Uploaded by

boutrikamine46

IPTABLES Overview

iptables is a user-space utility program that allows you to configure the IP
packet filter rules of the Linux kernel firewall. It is used to set up,
maintain, and inspect the tables of IP packet filter rules in the Linux
kernel.

Basic Syntax

iptables -A <CHAIN> -p <PROTOCOL> -s <SOURCE> --dport <PORT> -j <TARGET>

 -A <CHAIN>: Append a rule to a chain (INPUT, OUTPUT, FORWARD).

 -p <PROTOCOL>: Specify a protocol (tcp, udp, icmp).

 -s <SOURCE>: Define the source IP (e.g., 192.168.1.100 or 0.0.0.0/0 for any).

 --dport <PORT>: Destination port (e.g., 22 for SSH).

 -j <TARGET>: Define the action (ACCEPT, DROP, REJECT).

Examples

1. Block SSH Traffic from a Specific IP:

iptables -A INPUT -p tcp -s 192.168.0.1 --dport 22 -j REJECT

a. This rule rejects incoming SSH traffic (port 22) from the IP
192.168.0.1.

2. Block Telnet Traffic from a Specific IP:

iptables -A INPUT -p tcp -s 192.168.0.1 --dport 23 -j REJECT

a. This rule rejects incoming Telnet traffic (port 23) from the IP
192.168.0.1.

3. Block HTTP Traffic from Fedora to Windows:

iptables -A OUTPUT -d 192.168.1.5 -p tcp --dport 80 -j REJECT

a. This rule blocks outgoing HTTP traffic (port 80) from Fedora
(192.168.1.9) to the Windows server (192.168.1.5).

Key Concepts

 INPUT Chain: Controls incoming traffic to your machine.

 OUTPUT Chain: Controls outgoing traffic from your machine.

 FORWARD Chain: Controls traffic that is routed through your machine.

Making Rules Persistent

To ensure that your iptables rules persist after a reboot:

1. Save the Rules:

sudo iptables-save | sudo tee /etc/sysconfig/iptables

2. Enable and Start the iptables Service:

sudo systemctl enable iptables
sudo systemctl start iptables

Logging Blocked Traffic

To log blocked traffic for monitoring purposes:

iptables -A OUTPUT -d 192.168.1.5 -p tcp --dport 80 -j LOG --log-prefix "Blocked Outgoing HTTP: "
iptables -A OUTPUT -d 192.168.1.5 -p tcp --dport 80 -j REJECT

 The LOG target records the matching packets in the kernel log, which lands in
/var/log/messages or /var/log/syslog. LOG does not stop the packet, so it is
placed before the REJECT rule that does.

 The --log-prefix option adds a custom prefix to the log entries.
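The three page examples, the persistence step and the LOG/REJECT pairing can be combined into one ruleset file that iptables-restore loads atomically. The script below is an added example, not part of the original document: it renders such a file and runs the checks a practitioner wants before loading it (a LOG rule placed after its REJECT never fires, and a chain policy may only be ACCEPT or DROP, since REJECT is a rule target rather than a policy). The addresses 192.168.0.1 and 192.168.1.5 come from the page; the loopback and conntrack baseline rules, the general SSH-allow rule and the "Blocked SSH: " / "Blocked Telnet: " prefixes are assumptions added here.

```shell
#!/bin/sh
# Added example, not from the original document: render the page's rules as an
# iptables-restore file and sanity-check it before loading. The addresses
# (192.168.0.1, 192.168.1.5) are the page's; the loopback/conntrack rules, the
# SSH-allow rule and the SSH/Telnet log prefixes are assumptions.

BLOCKED_HOST="192.168.0.1"   # page: host whose SSH and Telnet are rejected
WINDOWS_HOST="192.168.1.5"   # page: Windows server to which HTTP is blocked

# Print a complete filter table in iptables-restore format. Within a chain the
# first matching rule wins; LOG is non-terminating and REJECT is terminating,
# so every LOG rule is placed directly before its REJECT rule.
render_ruleset() {
    cat <<EOF
*filter
# Chain policies: -P accepts only ACCEPT or DROP. REJECT is a rule target,
# not a valid policy, so default-deny is expressed as DROP.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Assumed baseline: loopback and replies to connections this host opened.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Page examples 1 and 2, each logged before it is rejected.
-A INPUT -p tcp -s ${BLOCKED_HOST} --dport 22 -j LOG --log-prefix "Blocked SSH: "
-A INPUT -p tcp -s ${BLOCKED_HOST} --dport 22 -j REJECT
-A INPUT -p tcp -s ${BLOCKED_HOST} --dport 23 -j LOG --log-prefix "Blocked Telnet: "
-A INPUT -p tcp -s ${BLOCKED_HOST} --dport 23 -j REJECT
# Assumed: SSH from everyone else is allowed; other inbound traffic hits the DROP policy.
-A INPUT -p tcp --dport 22 -j ACCEPT
# Page example 3 together with the LOG/REJECT pair from the logging section.
-A OUTPUT -d ${WINDOWS_HOST} -p tcp --dport 80 -j LOG --log-prefix "Blocked Outgoing HTTP: "
-A OUTPUT -d ${WINDOWS_HOST} -p tcp --dport 80 -j REJECT
COMMIT
EOF
}

# Checks worth running before "iptables-restore < file": a REJECT rule whose
# matching LOG rule comes later never logs anything, a REJECT chain policy is
# refused by the kernel, and a table without COMMIT is never applied.
# Reads the ruleset on stdin, prints each problem, exits 0 only when clean.
validate_ruleset() {
    awk '
        BEGIN { bad = 0; committed = 0 }
        /^:/ && $2 == "REJECT" { print "invalid chain policy: " $0; bad = 1 }
        /^COMMIT$/ { committed = 1 }
        /^-A / {
            n++
            line = $0
            if (sub(/ -j LOG .*$/, "", line))      logged[line]   = n
            else if (sub(/ -j REJECT$/, "", line)) rejected[line] = n
        }
        END {
            for (m in rejected)
                if ((m in logged) && logged[m] > rejected[m]) {
                    print "LOG rule sits after its REJECT rule and never fires: " m
                    bad = 1
                }
            if (!committed) { print "missing COMMIT"; bad = 1 }
            exit bad
        }'
}

# Review the rendered table; on the target host, as root, save it with
# "render_ruleset > /etc/iptables/rules.v4" and load it with
# "iptables-restore < /etc/iptables/rules.v4" as in section 12 below.
render_ruleset | validate_ruleset && echo "ruleset passes checks"
```

Keeping the rules in a file rendered by a script, rather than appended one by one with -A, means a reboot or a botched edit can be recovered by re-running iptables-restore, and the validator catches the ordering mistake (REJECT before LOG) that silently produces an empty log.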

1. Listing Rules (-L)

 Command:

iptables -L

 Description: Lists all rules in the specified chain (or all chains if no
chain is specified).

 Example:

iptables -L INPUT

o Lists all rules in the INPUT chain.

2. Verbose Output (-v)

 Command:

iptables -L -v

 Description: Displays additional information such as packet and byte counters for each rule.

 Example:

iptables -L INPUT -v

o Lists all rules in the INPUT chain with packet and byte
counters.

3. Numeric Output (-n)

 Command:

iptables -L -n

 Description: Displays IP addresses and port numbers in numeric format (instead of resolving hostnames or service names).

 Example:

iptables -L INPUT -n

o Lists all rules in the INPUT chain with numeric IPs and ports.

4. Combined Options (-L -v -n)

 Command:

iptables -L -v -n

 Description: Combines verbose and numeric output for detailed and efficient rule inspection.

 Example:

iptables -L INPUT -v -n

o Lists all rules in the INPUT chain with numeric IPs, ports, and
packet/byte counters.

5. Flush Rules (-F)

 Command:

iptables -F

 Description: Deletes all rules in the specified chain (or all chains if
no chain is specified).

 Example:

iptables -F INPUT

o Deletes all rules in the INPUT chain.

6. Delete a Specific Rule (-D)

 Command:

iptables -D <CHAIN> <RULE_NUMBER>

 Description: Deletes a specific rule from a chain by its rule number.

 Example:

iptables -D INPUT 2

o Deletes the second rule in the INPUT chain.

7. Insert a Rule (-I)

 Command:

iptables -I <CHAIN> <RULE_NUMBER> <RULE_DETAILS>

 Description: Inserts a rule at a specific position in the chain.

 Example:

iptables -I INPUT 1 -p tcp --dport 22 -j ACCEPT

o Inserts a rule at the top of the INPUT chain to allow SSH traffic.

8. Replace a Rule (-R)

 Command:

iptables -R <CHAIN> <RULE_NUMBER> <RULE_DETAILS>

 Description: Replaces a rule at a specific position in the chain.

 Example:

iptables -R INPUT 1 -p tcp --dport 22 -j DROP

o Replaces the first rule in the INPUT chain to block SSH traffic.

9. Set Default Policy (-P)

 Command:

iptables -P <CHAIN> <TARGET>

 Description: Sets the default policy for a chain (ACCEPT, DROP, or
REJECT).

 Example:

iptables -P INPUT DROP

o Sets the default policy for the INPUT chain to DROP.

10. Zero Packet and Byte Counters (-Z)

 Command:

iptables -Z

 Description: Resets the packet and byte counters for all rules in
the specified chain (or all chains if no chain is specified).

 Example:

iptables -Z INPUT

o Resets the counters for all rules in the INPUT chain.

11. Check Rule Existence (-C)

 Command:

iptables -C <CHAIN> <RULE_DETAILS>

 Description: Checks if a specific rule exists in the chain.

 Example:

iptables -C INPUT -p tcp --dport 22 -j ACCEPT

o Checks if a rule allowing SSH traffic exists in the INPUT chain.

12. Save and Restore Rules

 Save Rules:

iptables-save > /etc/iptables/rules.v4

o Saves the current iptables rules to a file.

 Restore Rules:

iptables-restore < /etc/iptables/rules.v4

o Restores iptables rules from a file.
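Sections 6, 7 and 11 above describe -D, -I and -C; the exit status of -C (0 when the rule exists, 1 when it does not) is what makes rule management scripts safe to re-run. The script below is an added example, not code from the original document. ensure_rule, remove_rule and rule_count are helper names chosen here; fake_iptables is a constructed stand-in that keeps rules in a temp file so the script runs without root or a kernel firewall, and setting IPT=iptables drives the real tool on a host instead.

```shell
#!/bin/sh
# Added example, not from the original document: idempotent rule management
# built on -C, which exits 0 when a rule exists and 1 when it does not. IPT
# chooses the backend: fake_iptables (constructed, below) for offline use,
# or IPT=iptables to drive the real tool on a host as root.

IPT="${IPT:-fake_iptables}"
FAKE_STATE="${FAKE_STATE:-$(mktemp)}"

# Constructed fake: supports -A, -C, -D (by rule specification, as the real
# tool also allows) and -S (print rules as "-A CHAIN spec", like iptables -S).
fake_iptables() {
    op="$1"; chain="$2"; shift 2
    rule="-A $chain $*"
    case "$op" in
        -A) printf '%s\n' "$rule" >> "$FAKE_STATE" ;;
        -C) grep -qxF -- "$rule" "$FAKE_STATE" ;;
        -D) grep -qxF -- "$rule" "$FAKE_STATE" || return 1
            # drop exactly one copy, as iptables -D does for a duplicated rule
            awk -v r="$rule" '!done && $0 == r { done = 1; next } { print }' \
                "$FAKE_STATE" > "$FAKE_STATE.tmp" && mv "$FAKE_STATE.tmp" "$FAKE_STATE" ;;
        -S) grep -F -- "-A $chain " "$FAKE_STATE" || true ;;
        *)  echo "fake_iptables: unsupported option $op" >&2; return 2 ;;
    esac
}

# Append a rule only when it is not already present, so a provisioning script
# can be re-run without accumulating duplicate rules.
ensure_rule() {
    "$IPT" -C "$@" 2>/dev/null || "$IPT" -A "$@"
}

# Delete every copy of a rule by its specification. Rule numbers shift after
# each -D, so deleting "INPUT 2" in a loop is an easy way to remove the wrong
# rule; -C and -D by specification avoid numbers altogether.
remove_rule() {
    while "$IPT" -C "$@" 2>/dev/null; do
        "$IPT" -D "$@" || return 1
    done
}

# How many copies of a rule are present. Exact text match works against the
# fake; real iptables -S normalizes specs (for example it inserts "-m tcp"),
# which is exactly why -C, not grep, should decide existence on a live host.
rule_count() {
    "$IPT" -S "$1" 2>/dev/null | grep -cxF -- "-A $*" || true
}

# Stand-alone demonstration against the fake backend.
ensure_rule INPUT -p tcp --dport 22 -j ACCEPT
ensure_rule INPUT -p tcp --dport 22 -j ACCEPT           # no-op: rule exists
echo "copies of SSH rule: $(rule_count INPUT -p tcp --dport 22 -j ACCEPT)"   # 1
remove_rule INPUT -p tcp --dport 22 -j ACCEPT
echo "after remove_rule: $(rule_count INPUT -p tcp --dport 22 -j ACCEPT)"    # 0
rm -f "$FAKE_STATE"
```

On a real host the same functions run as `IPT=iptables sh script.sh` under root; the -C check still works because iptables compares the parsed rule, not its text, whereas rule_count's grep only matches when the stored text equals the spec given.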
