{"id":175,"date":"2010-12-02T02:15:00","date_gmt":"2010-12-02T02:15:00","guid":{"rendered":"https:\/\/belayclientstaging.zone\/securityeverafter\/2010\/12\/02\/iptables-l\/"},"modified":"2010-12-02T02:15:00","modified_gmt":"2010-12-02T02:15:00","slug":"iptables-l","status":"publish","type":"post","link":"https:\/\/securityeverafter.com\/iptables-l\/","title":{"rendered":"iptables -L"},"content":{"rendered":"
Recently I decided to teach myself how to use iptables. The concept always made a lot of sense; however, until I forced myself to actually use it, my understanding was incomplete. Iptables is a host-based firewall implemented in Linux. INPUT defines what traffic can reach the host and OUTPUT defines what traffic can leave the host.<\/p>\n
The iptables rules are typically found at \/etc\/sysconfig\/iptables. You can open this file as root with your favorite text editor, but it is much easier to interpret the rules by listing them with the iptables -L command. Saving your changes is accomplished with the command iptables-save.<\/p>\n
To help you be more specific in your rule declarations, switches are available that include --sport for source port, --dport for destination port, -s for source, -d for destination and -p for protocol.<\/p>\n
The -A switch appends the rule at the end of the list. The -I switch inserts the rule at a given rule number, the default being the first. The -D switch is used to remove a specific rule. Review the rules again with iptables -L to make sure the flow of the rules is what you expect. Rules are evaluated in order, so a misplaced rule can create a condition where a new rule may never execute because an earlier rule already matches the traffic.<\/p>\n
Examples<\/u>:<\/p>\n
#Create new rule to allow inbound traffic from time.nist.gov on port 123 to 192.168.1.200 on port 123 (--sport and --dport require -p; NTP uses UDP)
INPUT: iptables -I INPUT -p udp -s 192.43.244.18 --sport 123 -d 192.168.1.200 --dport 123 -j ACCEPT <\/p>\n
#Create new rule to drop outbound traffic to www.cnn.com
OUTPUT: iptables -I OUTPUT -d 157.166.255.19 -j DROP<\/p>\n
Useful links<\/u>:
https:\/\/help.ubuntu.com\/community\/IptablesHowTo
http:\/\/wiki.centos.org\/HowTos\/Network\/IPTables<\/p>\n","protected":false},"excerpt":{"rendered":"
Recently I decided to teach myself how to use iptables. The concept always made a lot of sense; however, until I forced myself to actually use it, my understanding was incomplete. Iptables is a host-based firewall implemented in Linux. INPUT defines what traffic can reach the host and OUTPUT defines what traffic can leave […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12,13],"tags":[],"jetpack_publicize_connections":[],"yoast_head":"\n