Linux Operating Iptables

IPTables is a rule-based firewall that is pre-installed on most Linux systems by default. It works at the network layer and filters both incoming and outgoing packets. IPTables examines packet headers and applies rules to decide whether to accept, drop, reject, or modify each packet. Rules are organized across three tables (Filter, NAT, Mangle) and four chains (the built-in INPUT, OUTPUT and FORWARD chains plus a custom user-defined chain). Common commands are used to manage rules, check firewall status, and save rulesets.

Uploaded by

Venu Gopal

IPTABLES

This chapter explains how a firewall works on the Linux operating system and
what IPTables is. A firewall decides the fate of packets entering and leaving
the system. IPTables is a rule-based firewall and is pre-installed on most
Linux distributions; by default it runs without any rules. IPTables was
included starting with kernel 2.4; its predecessors were called ipchains and
ipfwadm. IPTables is a front-end tool that talks to the kernel, which does the
actual packet filtering. This guide gives a rough idea of IPTables and its
basic commands, with practical rules that you can refer to and customize as
needed.
Different tools are used for different protocols:
 iptables applies to IPv4.
 ip6tables applies to IPv6.
 arptables applies to ARP.
 ebtables applies to Ethernet frames.

IPTables main files are:

 /etc/init.d/iptables – init script to start, stop, restart and save rulesets.
 /etc/sysconfig/iptables – where rulesets are saved.
 /sbin/iptables – the binary.
There are at present three tables:
 Filter
 NAT
 Mangle

At present, there are four chains in total:

 INPUT : Default chain for packets destined to the system.
 OUTPUT : Default chain for packets generated by the system.
 FORWARD : Default chain for packets routed through to another interface.
 RH-Firewall-1-INPUT : A user-defined custom chain.
How to start, stop and restart the IPTables firewall:

# /etc/init.d/iptables start
# /etc/init.d/iptables stop
# /etc/init.d/iptables restart

To start IPTables on system boot, use the following command.

# chkconfig --level 345 iptables on

Save IPTables rulesets with the command below. Whenever the system is rebooted
or the IPTables service is restarted, the existing in-memory rules are flushed
and reset. The command below saves the IPTables ruleset to
/etc/sysconfig/iptables by default, and the saved rules are restored from that
file when the service starts after a flush.

# service iptables save

Checking the status of IPTables / firewall. Options: “-L” (list ruleset), “-v”
(verbose) and “-n” (display addresses and ports in numeric format).

[root@tecmint ~]# iptables -L -n -v

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    6   396 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 5 packets, 588 bytes)
 pkts bytes target     prot opt in     out     source               destination
Display IPTables rules with numbers. With the “--line-numbers” argument each
rule is shown with its position, which you can then use to insert or delete
rules at a specific place in a chain.

[root@tecmint ~]# iptables -n -L -v --line-numbers

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1       51  4080 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
3        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
4        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 45 packets, 5384 bytes)
num   pkts bytes target     prot opt in     out     source               destination
Flushing or deleting IPTables rules. The command below removes all rules from
every chain of the default (filter) table; the chain policies themselves are
not changed. Take a backup of the ruleset before executing this command.

[root@tecmint ~]# iptables -F


Before deleting or appending rules, first look at the rules in the chains. The
commands below display the rulesets of the INPUT and OUTPUT chains with rule
numbers, which we then use to add or delete rules at a given position.

[root@tecmint ~]# iptables -L INPUT -n --line-numbers

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

[root@tecmint ~]# iptables -L OUTPUT -n --line-numbers
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Let’s say you want to delete rule number 5 from the INPUT chain. Use the
following command.

[root@tecmint ~]# iptables -D INPUT 5

To insert a rule into the INPUT chain at position 5, i.e. between the current rules 4 and 5:

[root@tecmint ~]# iptables -I INPUT 5 -s ipaddress -j DROP
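The flush, list, delete and insert steps above edit the live ruleset in place, and the save step writes whatever is currently loaded. Both are easy to get wrong: a flush leaves only the chain policies, and with policy ACCEPT that means everything is allowed until the rules are typed back in. As an added example that is not part of the original article, the POSIX shell script below rebuilds the ruleset from the listings above in iptables-restore syntax, checks that the SSH allow rule precedes the catch-all REJECT, and loads the whole table atomically after backing up the current rules with iptables-save. The SSH_PORT variable and the backup path are assumptions for illustration. One deliberate difference from the listings: the INPUT and FORWARD policies are set to DROP so that a later flush fails closed rather than open.

```shell
#!/bin/sh
# Added example: generate, check and atomically load a filter-table ruleset
# in iptables-restore syntax. Not the article's own code.
# Assumptions: SSH listens on SSH_PORT; backups go under /root.

SSH_PORT=22

# ruleset_text
# Prints the filter table in iptables-restore syntax. Rules mirror the
# article's listing; the INPUT/FORWARD policies are DROP (hardening choice).
ruleset_text() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport ${SSH_PORT} -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# ruleset_check PORT
# Static sanity check: succeeds (exit 0) only when the allow rule for PORT
# appears before the INPUT chain's catch-all REJECT, so an admin session on
# that port is not locked out by rule ordering.
ruleset_check() {
    ruleset_text | awk -v port="$1" '
        /--dport/ && $0 ~ ("--dport " port " ") { allow = NR }
        /-A INPUT -j REJECT/                     { reject = NR }
        END { exit !(allow && reject && allow < reject) }
    '
}

# apply_ruleset
# Saves the live ruleset with iptables-save, then loads the new table with
# iptables-restore, which replaces the whole table in one step instead of
# flushing and re-adding rule by rule. Only acts as root on a host that has
# iptables-restore; otherwise it prints what it would do.
apply_ruleset() {
    backup="/root/iptables-backup-$(date +%Y%m%d%H%M%S).rules"   # assumed path
    if ! ruleset_check "$SSH_PORT"; then
        echo "refusing to apply: SSH allow rule is missing or after REJECT" >&2
        return 1
    fi
    if [ "$(id -u)" -eq 0 ] && command -v iptables-restore >/dev/null 2>&1; then
        iptables-save > "$backup"
        ruleset_text | iptables-restore
        echo "loaded new ruleset; previous rules saved to $backup"
    else
        echo "dry run: would save current rules to $backup and load:"
        ruleset_text
    fi
}

apply_ruleset
```

Run as a non-root user it only prints the generated table; as root on a host with iptables it takes the backup and loads the table, after which `service iptables save` (or a copy of the generated text into /etc/sysconfig/iptables) makes it persistent across reboots. If the loaded rules turn out wrong, `iptables-restore < backup-file` returns to the previous state in one step.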

We have only tried to cover the basic usage and functions of IPTables for
beginners. You can create more complex rules once you have a complete
understanding of TCP/IP and good knowledge of your own setup.
