From LedHed's Wiki
Revision as of 09:14, 29 December 2007 by Ledhed (Talk | contribs)

Jump to: navigation, search

References:
http://www.howtoforge.com/linux_iptables_sarge Start Here
http://iptables-tutorial.frozentux.net/iptables-tutorial.html Some Technical reading for those nights when you've run out of Ambien
http://www.netfilter.org/documentation/index.html More Technical reading (You really don't want to read all of this, just wing it!)

Chains

  • INPUT - Rules for traffic coming into this server (i.e. From the Internet).
  • FORWARD - Rules for traffic that will be forwarding to another IP behind this server (i.e. This box is a firewall for other PC's).
  • OUTPUT - Rules for traffic that is going out of this server (i.e. To the Internet)

For more detailed info on what these 'Chains' do feel free to ask the Google Gods!


Switches

Before we get started we need to know a few of the command line switches.
-A = Append (adds the rule to the bottom of the specified chain)
-I = Insert (adds the rule to the top of the specified chain)
-D = Delete (deletes the rule from the specified chain)
-F = Flush (deletes all rules from the specified chain)
-L = List (lists the currently applied rulesets)
-p = Protocol (Protocol being used [i.e. tcp, udp ...])
-s = Source (Source Address)
--sport = Source Port
-d = Destination (Destination Address)
--dport = Destination Port
-j = Jump (Jump to an action [i.e. ACCEPT, DROP, REJECT])
--line-numbers (displays line numbers for each rule. Usefull when deleting or inserting rules)


Examples

This will delete the 2nd rule from the INPUT chain.

iptables -D INPUT 2


This will delete all rules from the FORWARD chain.

iptables -F FORWARD


This adds a rule to the 2nd slot in the INPUT chain (which consequently drops all traffic and should be the last item in the chain).

iptables -A INPUT -j DROP


This 'Lists' all the rules with their corresponding line numbers.

iptables -L --line-numbers


This opens incoming port 25 (SMTP) traffic and adds the rule to the top of the chain.

iptables -I INPUT -p tcp --dport 25 -j ACCEPT


This allows all outgoing traffic to pass through.

iptables -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT