
IPTables

Overview

iptables is the command that manages the Linux firewall, a kernel module that filters network packets and runs as part of most modern Linux distributions. There are two ways to operate it.

    You may give it rules at the command line, such as:

# iptables --insert INPUT --protocol tcp --source 192.168.0.0/16 --dport 8443 --jump ACCEPT

insert = Insert a new rule at the top of the INPUT chain
protocol = Protocol to match (here TCP)
source = Source address range the packet must come from
dport = Local destination port
jump = Jump to ACCEPT (i.e. let the packet through)

    And you can list the rules it currently holds:

# iptables --list

Chain INPUT (policy ACCEPT)
target     prot opt source               destination   
ACCEPT     tcp  --  anywhere        anywhere            tcp dpt:8443       
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  132.235.8.0/23       anywhere            tcp dpt:ssh 
ACCEPT     tcp  --  132.235.51.0/24      anywhere            tcp dpt:ssh 

    You may also instruct it to process files, referred to as iptables-save files:

# iptables-save > /etc/firewall.conf
# iptables-restore < /etc/firewall.conf
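
An added example (not part of the original page): a shell function that reads iptables-save text and reports two conditions that are easy to overlook in the --list output above: an INPUT chain with policy ACCEPT and no catch-all DROP/REJECT rule, and ACCEPT rules that open a port to any source. The function name audit_input, the finding labels and the sample ruleset (including port 3306) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not from a real host).
SAMPLE='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 192.168.0.0/16 -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 132.235.8.0/23 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
COMMIT'

# audit_input (hypothetical helper): reads iptables-save text on stdin and
# prints one finding per line for the INPUT chain of the filter table.
#   OPEN_PORT <port>  ACCEPT rule with --dport but no source restriction
#   DEFAULT_ALLOW     policy ACCEPT and no unconditional DROP/REJECT rule
audit_input() {
    awk '
    /^\*/ { table = substr($1, 2) }         # table header, e.g. "*filter"
    table != "filter" { next }
    $1 == ":INPUT" { policy = $2 }          # ":INPUT ACCEPT [0:0]"
    $1 == "-A" && $2 == "INPUT" {
        src = 0; matched = 0; port = ""; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-s" || $i == "--source") src = 1
            if ($i ~ /^(-s|-d|-p|-i|-m|!)$/) matched = 1
            if ($i == "--dport") port = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target == "ACCEPT" && port != "" && !src) print "OPEN_PORT " port
        # A DROP/REJECT with no match options catches everything left over.
        if ((target == "DROP" || target == "REJECT") && !matched) catchall = 1
    }
    END { if (policy == "ACCEPT" && !catchall) print "DEFAULT_ALLOW" }'
}

# Run the audit on the constructed sample.
printf '%s\n' "$SAMPLE" | audit_input
```

On a live host the same function can be fed with `iptables-save | audit_input` or `audit_input < /etc/firewall.conf`.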

Red Hat's Use

By default, firewall rules are saved in the /etc/sysconfig/iptables or /etc/sysconfig/ip6tables files.





