Skip to main content

How to Work With Iptables

Iptables is the name of the user space tool by which administrators create rules for the packet filtering (both inbound and outbound) and NAT modules. Today Iptables is a standard part of all modern Linux distributions.

Steps

  1. The first that you need to do is go to the Linux terminal. Then you can play with the program.
  2. This is how you can Block Specific IP Using IPTables
  3. iptables -I INPUT -p tcp -s xxx.xxx.xxx.xxx -j DROP [edit] How To Search For IP Addresses In IPTables
  4. Use the following command:
    • iptables -nL | grep xxx.xxx.xxx.xxx
    • (-n) prevents each IP from resolving to its hostname
    • (-L) lists all of the rules
    • IPTables Log SSH
    • iptables -I INPUT -j LOG -m state --state NEW -p tcp --dport 22

Tips

How to disable and restore IPTables
    • /sbin/iptables-save > backupfilename
    • service IPTables stop
    • cat backupfilename | /sbin/iptables-restore
    • service IPTables start

  • IPTables Firewall Template
    • Prevent SYN floods from consuming memory resources

  • echo 1 > /proc/sys/net/ipv4/tcp_syncookies
    • By default DROP any incoming or forwarded packets, allow all outgoing packets

  • iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT
    • Clear any established specific rules

  • iptables -F INPUT iptables -F FORWARD iptables -F OUTPUT iptables -F -t nat
    • Permit packets in to firewall itself that are part of existing and related connections.

  • iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
    • Allow all inputs from te loopback interface

  • iptables -A INPUT -i lo -s 0/0 -d 0/0 -j ACCEPT
    • Accept connections coming through for SSH (22) and samba

  • iptables -A INPUT -p tcp -s 129.180.0.0/0 --destination-port 22 --syn -j ACCEPT iptables -A INPUT -p tcp -s 129.180.0.0/0 --destination-port 137:139 --syn -j ACCEPT iptables -A INPUT -p tcp -s 129.180.0.0/0 --destination-port 445 --syn -j ACCEPT
    • Accept UDP packets for samba

  • iptables -A INPUT -p udp -s 129.180.0.0/0 --destination-port 137:139 -j ACCEPT iptables -A INPUT -p udp -s 129.180.0.0/0 --destination-port 445 -j ACCEPT
    • Permitting a caching DNS Server
    • We need to permit querying a remote DNS server.

  • iptables -A INPUT -p udp -s 129.180.1.4/0 --source-port 53 --destination-port 1024:65535 -j ACCEPT
  • IPTables Enable Specific Ports
  • This script basically blocks all the ports, and enables only the ones needed. Please edit it as necessary.
  • 1. !/bin/bash
  • iptables --flush iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP iptables -A INPUT -p tcp -m multiport --dport 21,22,80,443 -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables-save
  • IPTABLES for Port 22 example...
  • iptables -I INPUT -s 24.192.43.232 -j ACCEPT (this is for all) iptables -I INPUT -p tcp --dport 22 -s 24.192.43.232 -j ACCEPT (this is for port 22 only)

Warnings


  • Take care at the time to handle Iptables, a minor issue can be a big security fail in your system.


Related wikiHows

Sources and Citations

Article provided by wikiHow, a collaborative writing project to build the world's largest, highest quality how-to manual. Please edit this article and find author credits at the original wikiHow article on How to Work With Iptables. All content on wikiHow can be shared under a Creative Commons license.

Feedbacks: We appreciate feedbacks and suggestions about our website info@techgyaan.org

Labels:

Comments

Post a Comment

Popular posts from this blog

Download of the Day!

Amarok 2.0.2 has released Amarok is an open source alternative music player for iTunes. Amarok supports Linux, Unix, MacOSX and windows Operating system. It is smiliar to iTunes just drag & drop the songs to play list. Amarok also lets you listen to internet radio ( mp3 streaming ) including music from last.fm . Features Automatic cover Lyrics download Dynamic playlists Visualizations and Podcasting. These are only some of the great new features of Amarok 2. Give it a try! Download here An least but not last - Amarok will also synchronize your music to your iPod. For the more technical users a scripting interface allows you to extend the functionality of Amarok. Print Page Feedbacks: We appreciate feedbacks and suggestions about our website info@techgyaan.org
Post a Comment
Latest Posts

How to fix Solaris "/lib/svc/method/net-physical "network settings is misconfigured”

Yesterday I came across an issue with the server being unable to access it switched to the  maintenance mode with some a strange message; “ How to fix Solaris "/lib/svc/method/net-physical "network settings is misconfigured”. Dec  9 10:05:59 techgyaansvr svc.startd[7]: [ID 652011 daemon.warning] svc:/network/physical:default: Method "/lib/svc/method/net-physical" failed with exit status 96. Dec  9 10:05:59 techgyaansvr svc.startd[7]: [ID 748625 daemon.error] network/physical:default misconfigured: transitioned to maintenance (see 'svcs -xv' for details) Actual message is that the IP address already exists, but is not configured. We need to clear the network & flush the settings to make it accessible Resolution: Check the service which is disabled #svcs –xv [this command will show you the services which is disabled by system] Take the network interface offline #ifconfig eri0 down [this command will bring the interface down] #ifconfig eri0 unplumb [this co...
1 comment
Latest Posts

Increase your RAM? free of cost…Really Worth It!!!!

A Very useful tip . Please try this and use RAM efficiently. Now this is called a tip of the year! While working with the Task Manager I observed the following. You can also try it out. 1.Start any application, say Word. Open some large documents. 2.Now start the Task Manager processor tab and sort the list in descending order on Memory Usage. You will notice that Winword.exe will be somewhere at the top, using multiple MBs of memory. Note down the number. 3.Now switch to Word and simply minimise it. (Do not use the Minimize All option of the task bar). 4. Now go back to the Task Manager and see where Winword.exe is listed. Most probably you will not find it at the top. You will typically have to Scroll to the bottom of the list to find Word. Now check out the amount of RAM it is using. Compare it with the original. Surprised? The memory utilisation has reduced by a huge amount. 5.So where is the tip of the year? Simple? Minimise each application that you are currently not working on ...
Post a Comment
Latest Posts