IPTABLES (Packet Filter) :-
A firewall is used to monitor and prevent unauthorized access to a computer network; in simple terms, it is a network security control. Iptables is a rule-based firewall that controls the incoming and outgoing network traffic of a Linux host.
[Note:- iptables applies to IPv4 only; ip6tables applies to IPv6]
There are 3 predefined chains in the filter table:-
- INPUT - All packets destined for the host computer.
- OUTPUT - All packets originating from the host computer.
- FORWARD - All packets neither destined for nor originating from the host computer, but passing through (routed by) the host computer. This chain is used if you are using your computer as a router.
How to start, stop & restart iptables:-
# /etc/init.d/iptables start
# /etc/init.d/iptables stop
# /etc/init.d/iptables restart
(OR)
# service iptables start
# service iptables stop
# service iptables restart
To start iptables automatically during system startup use this command:-
# chkconfig iptables on
To list the iptables rules:-
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
To list the iptables rules with line numbers (useful for deleting a single rule with "iptables -D INPUT <num>"):-
# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
2 ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
3 ACCEPT tcp -- anywhere anywhere tcp dpt:telnet
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
2 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
Flush or delete all the rules:-
# iptables -F
# service iptables save
[Note:- Be careful while running this command! It deletes all the rules, and the save command then makes the empty rule set persistent across restarts]
To view NAT Rules:-
# iptables -t nat -L -n -v
Iptables Port Forwarding:-
# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
[All incoming TCP traffic arriving on eth0 for port 80 is redirected to local port 8080]
To block a specific IP address:-
# iptables -A INPUT -s 192.168.0.254 -j DROP
[Note:- -A appends the rule at the end of the chain, so it is evaluated after any existing ACCEPT rules; use -I INPUT instead of -A INPUT if the block must take precedence]
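As an added example (not from the original post), the commands above assembled into one script that builds a baseline rule set: a default DROP policy on INPUT, the port redirect, and the blocked address, in an order that does not lock out an existing SSH session. eth0, port 8080 and 192.168.0.254 are assumed/constructed values, and setting IPT=echo previews the commands without applying them.

```shell
#!/bin/sh
# Baseline IPv4 filter set (added example, not from the original post).
# Assumptions: eth0 is the internet-facing interface, the exposed service
# listens on 8080 behind public port 80, 192.168.0.254 is a constructed
# address to block. Set IPT=echo to preview instead of apply.
IPT="${IPT:-iptables}"

build_rules() {
    # Start from a clean slate so repeated runs do not stack duplicate rules.
    echo "$IPT -F"
    echo "$IPT -t nat -F"
    # Default policies: drop unsolicited inbound and forwarded traffic, allow outbound.
    echo "$IPT -P INPUT DROP"
    echo "$IPT -P FORWARD DROP"
    echo "$IPT -P OUTPUT ACCEPT"
    # Loopback and replies to connections this host opened come first; without
    # the ESTABLISHED rule the DROP policy cuts off the SSH session you are using.
    echo "$IPT -A INPUT -i lo -j ACCEPT"
    echo "$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # The blocked source goes before the per-service ACCEPTs: rules match in order.
    echo "$IPT -A INPUT -s 192.168.0.254 -j DROP"
    echo "$IPT -A INPUT -p tcp --dport 22 -j ACCEPT"
    echo "$IPT -A INPUT -p tcp --dport 8080 -j ACCEPT"
    # Port redirect from the post: public :80 rewritten to local :8080 at PREROUTING.
    echo "$IPT -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080"
    # Log (rate-limited) what the policy drops so blocked traffic shows up in syslog.
    echo "$IPT -A INPUT -m limit --limit 5/min -j LOG --log-prefix \"iptables-drop: \""
}

# Apply every generated command; -e aborts on the first failure so a
# half-applied rule set is noticed instead of silently left behind.
apply_rules() {
    build_rules | sh -e
}

# Number of INPUT-chain rules emitted, to compare against
# "iptables -L INPUT --line-numbers" after applying.
count_input_rules() {
    build_rules | grep -c -- '-A INPUT '
}
```

Run apply_rules as root to install the set; remember to run "service iptables save" afterwards if the rules should survive a restart.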