Enhancing Skills

iptables: Firewall configuration tool for Linux

Command: iptables

Used to configure the IP packet filter rules of the Linux kernel firewall. It lets you set up rules for handling network traffic, blocking or allowing specific traffic based on criteria such as IP addresses, ports, and protocols. (If you don't know what you're doing, don't do this: one wrong rule can cut off your own access to the machine.)


Sample Command and Output:

$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  192.168.1.0/24       0.0.0.0/0            
DROP       all  --  0.0.0.0/0            10.0.0.0/8            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  192.168.1.0/24       0.0.0.0/0            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Description:

  • sudo iptables -L: Lists the current rules of the filter table (the default table). The output shows its three built-in chains, INPUT, FORWARD, and OUTPUT, with each chain's default policy in parentheses and the rules that determine how incoming, forwarded, and outgoing packets are handled.

Additional Commands and Sample Outputs:

  • iptables -A INPUT -p tcp --dport 80 -j ACCEPT: Add a rule to accept incoming TCP traffic on port 80 (HTTP). Sample Command and Output:
  $ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Description:

  • iptables -A INPUT -p tcp --dport 80 -j ACCEPT: Appends a rule to the INPUT chain to accept incoming TCP packets destined for port 80. The -A option appends a rule, -p tcp specifies the protocol, --dport 80 specifies the destination port, and -j ACCEPT indicates that matching packets should be accepted.
  • iptables -D INPUT -p tcp --dport 80 -j ACCEPT: Delete a rule from the INPUT chain that accepts incoming TCP traffic on port 80. Sample Command and Output:
  $ sudo iptables -D INPUT -p tcp --dport 80 -j ACCEPT

Description:

  • iptables -D INPUT -p tcp --dport 80 -j ACCEPT: Deletes the rule from the INPUT chain that accepts TCP traffic on port 80.
  • iptables -F: Flush all rules from all chains. Sample Command and Output:
  $ sudo iptables -F

Description:

  • iptables -F: Flushes all rules from all chains of the filter table. This removes every existing rule, but it does not touch the chains' default policies: a DROP policy set with -P stays in effect after the flush, so flushing while INPUT is DROP leaves nothing accepted.
  • iptables -P INPUT DROP: Set the default policy for the INPUT chain to DROP. Sample Command and Output:
  $ sudo iptables -P INPUT DROP

Description:

  • iptables -P INPUT DROP: Sets the default policy for the INPUT chain to DROP, meaning that any incoming packets not explicitly allowed by rules will be dropped. Add the ACCEPT rules you need first (for established connections and for your own administrative session), because the policy takes effect immediately and applies to the session you are typing in.

Note: Changes made with iptables take effect immediately but are not persistent across reboots. To make changes persistent, you need to save the configuration and set up automatic loading on boot, typically with iptables-save (which writes the current rules to a file) and iptables-restore (which loads them back in one step).
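The commands above are usually run one at a time, which is exactly how people lock themselves out: the DROP policy lands before the ACCEPT rules do. The following script is an added example, not code from the original page; it writes the same rules in iptables-save format so that iptables-restore applies them atomically, checks the ruleset for the rules that keep an SSH session alive, and saves the result. The port list (22 and 80), the use of the conntrack match, and the save path /etc/iptables/rules.v4 (the one used by the iptables-persistent package on Debian and Ubuntu) are assumptions; adjust them for your system.

```shell
#!/bin/sh
# Added example, not from the original page: assemble the page's -A / -P
# commands into one iptables-restore ruleset and check it before loading.
# Assumed: TCP ports 22 (SSH) and 80 (HTTP) are the services to expose, the
# conntrack match is available, and the save path below is the one used by
# the iptables-persistent package on Debian/Ubuntu (adjust for your distro).

# Print a filter-table ruleset in iptables-save format.
# $1 = comma-separated inbound TCP ports to allow (default: 22,80).
gen_ruleset() {
    ports="${1:-22,80}"
    printf '%s\n' '*filter'
    # Default policies: unsolicited inbound is dropped (the page's -P INPUT DROP);
    # FORWARD and OUTPUT keep ACCEPT as in the page's sample listing.
    printf '%s\n' ':INPUT DROP [0:0]' ':FORWARD ACCEPT [0:0]' ':OUTPUT ACCEPT [0:0]'
    # Loopback and replies to connections this host started must keep working,
    # otherwise the DROP policy cuts off DNS answers, package updates and the
    # administrator's own SSH session.
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # One ACCEPT per listed port, the page's "-A INPUT -p tcp --dport N -j ACCEPT".
    old_ifs=$IFS
    IFS=','
    for p in $ports; do
        printf '%s\n' "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    IFS=$old_ifs
    printf '%s\n' 'COMMIT'
}

# Read a ruleset on stdin and refuse it unless it keeps an SSH admin session
# alive: it needs the ESTABLISHED,RELATED rule and an explicit port-22 rule.
# Returns 0 when safe to load, 1 otherwise.
check_ruleset() {
    text=$(cat)
    printf '%s\n' "$text" | grep -q -- '--ctstate ESTABLISHED,RELATED -j ACCEPT' || return 1
    printf '%s\n' "$text" | grep -q -- '--dport 22 ' || return 1
    return 0
}

# Count the -A rules in a ruleset given on stdin (useful for comparing with
# "iptables -S INPUT | grep -c -- '^-A'" after loading).
count_rules() {
    grep -c -- '^-A'
}

# Load the ruleset atomically (root required). iptables-restore replaces the
# whole filter table in one step, so there is no window in which the DROP
# policy is active before the ACCEPT rules exist. iptables-save then persists it.
apply_ruleset() {
    if ! gen_ruleset "$1" | check_ruleset; then
        echo 'refusing to load: ruleset lacks the SSH/ESTABLISHED rules' >&2
        return 1
    fi
    gen_ruleset "$1" | sudo iptables-restore
    sudo iptables-save | sudo tee /etc/iptables/rules.v4 >/dev/null
}

# Usage: sh firewall.sh              -> print the ruleset for review
#        sh firewall.sh --apply 22,80 -> check, load and save it
if [ "${1:-}" = '--apply' ]; then
    apply_ruleset "${2:-}"
else
    gen_ruleset "${1:-}"
fi
```

Run it without arguments first and read the ruleset; only then run it with --apply. Because the file is loaded with iptables-restore, a mistake shows up as a parse error before anything changes, rather than as a half-applied ruleset.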


