IPTables 1
IPTables is a front-end to control and manage netfilter.
We will focus on layer 3 (Network), controlling source and destination IP addresses, and layer 4 (Transport), TCP and UDP.
The filter table is used to control IP packet filtering, and it consists of 3 chains (INPUT, FORWARD and OUTPUT).
An iptables command consists of several parts; let's discuss the iptables command fields:
1- iptables
2- Action (append, replace, insert, delete...) followed by the name of the chain, such as (INPUT, FORWARD or OUTPUT) for the filter table.
3- Name of the table with the -t option (-t mangle); if not specified, it's the filter table by default.
4- Specify the source IP with -s, the destination IP with -d, or both.
5- Specify the protocol with ports: protocols such as (tcp, udp, icmp) with -p, and the source port and destination port such as (ssh, telnet...) with --sport and --dport respectively.
6- Select the target with the -j option followed by the type of target (ACCEPT, DROP, DENY, LOG, REJECT).
Note 1: Skip step 3 if you work on the filter table; otherwise you must specify the name of the table.
Note 2: You don't have to use all the steps; use what is required to make the rule correct and safer.
Examples:
1- Block IP address 192.168.0.20 from connecting to my ssh
iptables -A INPUT -s 192.168.0.20 -p tcp --dport ssh -j DROP
-A        to append the rule
INPUT     to specify the name of the chain; the INPUT chain is concerned with incoming communications
-s        specify the source IP address
-p        specify the protocol name
--dport   specify the destination port (destination port because we are now handling INPUT communications)
-j        select the target name to refuse this communication
To make sure that the rule is appended:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- 192.168.0.20 anywhere tcp dpt:ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Now we have blocked 192.168.0.20 from connecting to the local ssh service.
2- Block 192.168.0.20 from connecting to the local system at all
iptables -A INPUT -s 192.168.0.20 -j DROP
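As an added example that is not from the original page, a small POSIX shell helper that assembles a filter-table rule from the fields above (the helper names build_rule and apply_rule are this example's own) and uses iptables -C to check whether an identical rule already exists before appending it with -A, since -A adds a duplicate every time a script is rerun:

```shell
#!/bin/sh
# Added example (not from the original page): build a filter-table rule from
# the fields the notes describe, then append it only if it is not already
# present. Assumes GNU iptables; build_rule and apply_rule are this example's
# own helper names. Use "-" for any field you do not need.

# build_rule CHAIN SRC DST PROTO DPORT TARGET
# Prints the argument list for one rule (everything after "iptables -A").
build_rule() {
    chain=$1; src=$2; dst=$3; proto=$4; dport=$5; target=$6
    args="$chain"
    [ "$src" != "-" ] && args="$args -s $src"
    [ "$dst" != "-" ] && args="$args -d $dst"
    if [ "$proto" != "-" ]; then
        args="$args -p $proto"
    elif [ "$dport" != "-" ]; then
        # --dport is only understood after -p tcp or -p udp; iptables rejects it otherwise.
        echo "build_rule: a port needs a protocol (-p tcp or -p udp)" >&2
        return 1
    fi
    [ "$dport" != "-" ] && args="$args --dport $dport"
    printf '%s\n' "$args -j $target"
}

# apply_rule: -A appends a duplicate on every run, so check with -C first.
apply_rule() {
    rule=$(build_rule "$@") || return 1
    # word-splitting of $rule into separate arguments is intended here
    if iptables -C $rule 2>/dev/null; then
        echo "already present: iptables -A $rule"
    else
        iptables -A $rule && echo "appended: iptables -A $rule"
    fi
}

# The two rules from the examples above (needs root to actually apply):
#   apply_rule INPUT 192.168.0.20 - tcp ssh DROP
#   apply_rule INPUT 192.168.0.20 - -   -   DROP
```

Run apply_rule as root; iptables -L afterwards shows each rule exactly once no matter how many times the script is executed.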
Note 3: To start iptables: /sbin/service iptables start
Note 4: To make iptables start at system boot: /sbin/chkconfig iptables on
Note 5: Use /sbin/ip6tables to configure your firewall for IPv6.