Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://www.geeksforgeeks.org/linux-unix/iptables-command-in-linux-with-examples/ below:

iptables command in Linux with Examples

The iptables command in Linux is a powerful tool that is used for managing the firewall rules and network traffic. It facilitates allowing the administrators to configure rules that help how packets are filtered, translated, or forwarded. On using this iptables, you can set up security policies to control incoming and outgoing traffic, define port forwarding, and implement network address translation (NAT). It's essential for securing servers and networks by selectively permitting or denying specific types of traffic based on defined rules and conditions. This flexibility makes iptables a fundamental component in Linux networking and security configurations.

In this article, we are going discuss on what are iptables, the total tables in Iptables, and built-in chains in tables of iptables. What are the common parameters in the table and then discuss the filters of iptables, discussing why to use the iptables and its benefits effectively.

It is a command line interface used to set up and maintain tables for the Netfilter firewall for IPv4, included in the Linux kernel. The firewall matches packets with rules defined in these tables and then takes the specified action on a possible match.

• Tables is the name for a set of chains.
• Chain is a collection of rules.
• Rule is condition used to match packet.
• Target is action taken when a possible rule matches. Examples of the target are ACCEPT, DROP, QUEUE.
• Policy is the default action taken in case of no match with the inbuilt chains and can be ACCEPT or DROP.

iptables --table TABLE -A/-C/-D... CHAIN rule --jump Target

There are five possible tables as follows:

• filter: Default used table for packet filtering. It includes chains like INPUT, OUTPUT and FORWARD.
• nat : Related to Network Address Translation. It includes PREROUTING and POSTROUTING chains.
• mangle : For specialised packet alteration. Inbuilt chains include PREROUTING and OUTPUT.
• raw : Configures exemptions from connection tracking. Built-in chains are PREROUTING and OUTPUT.
• security : Used for Mandatory Access Control

There are few built-in chains that are included in tables. They are:

• INPUT : A set of rules for packets destined to localhost sockets.
• FORWARD :for packets routed through the device.
• OUTPUT : It is locally generated packets, meant to be transmitted outside.
• PREROUTING : It is used for modifying packets as they arrive.
• POSTROUTING : IIt helps in modifying packets as they are leaving.

User-defined chains can also be created. The following are the some of the possible one with examples:

1. -A, --append : Append to the chain provided in parameters.

Syntax

iptables [-t table] --append [chain] [parameters]

Example:

This command drops all the traffic coming on any port.

iptables -t filter --append INPUT -j DROP

Output

2. -D, --delete : Delete rule from the specified chain.

Syntax

iptables [-t table] --delete [chain] [rule_number]

Example:

This command deletes the rule 2 from INPUT chain.

iptables -t filter --delete INPUT 2

Output

3. -C, --check :Check if a rule is present in the chain or not. It returns 0 if the rule exists and returns 1 if it does not. Syntax:

iptables [-t table] --check [chain] [parameters]

Example:

This command checks whether the specified rule is present in the INPUT chain.

iptables -t filter --check INPUT -s 192.168.1.123 -j DROP

Output

The iptables command uses parameters to match packets and define actions. Key parameters include -p or --proto, which specify the protocol of the packet, such as tcp, udp, icmp, ssh, etc. This parameter allows administrators to selectively filter or handle packets based on their communication protocol. The common parameters are:

1. -p, --proto : is the protocol that the packet follows. Possible values maybe: tcp, udp, icmp, ssh etc. Syntax:

iptables [-t table] -A [chain] -p {protocol_name} [target]

Example:

This command appends a rule in the INPUT chain to drop all udp packets.

iptables -t filter -A INPUT -p udp -j DROP

Output

2. -s, --source: is used to match with the source address of the packet.

Syntax

iptables [-t table] -A [chain] -s {source_address} [target]

Example:

This command appends a rule in the INPUT chain to accept all packets originating from 192.168.1.230.

iptables -t filter -A INPUT -s 192.168.1.230 -j ACCEPT

Output

3. -d, --destination : is used to match with the destination address of the packet.

Syntax

iptables [-t table] -A [chain] -d {destination_address} [target]

Example:

This command appends a rule in the OUTPUT chain to drop all packets destined for 192.168.1.123.

iptables -t filter -A OUTPUT -d 192.168.1.123 -j DROP

Output

4. -i, --in-interface : matches packets with the specified in-interface and takes the action. Syntax:

iptables [-t table] -A [chain] -i {interface} [target]

Example:

This command appends a rule in the INPUT chain to drop all packets destined for wireless interface.

iptables -t filter -A INPUT -i wlan0 -j DROP

Output

5. -o, --out-interface : matches packets with the specified out-interface.

6. -j, --jump : this parameter specifies the action to be taken on a match.

Syntax

iptables [-t table] -A [chain] [parameters] -j {target}

Example:

This command adds a rule in the FORWARD chain to drop all packets.

iptables -t filter -A FORWARD -j DROP

Output

The following are the filters of iptables:

1. While trying out the commands, you can remove all filtering rules and user created chains.

sudo iptables --flush

2. To save the iptables configuration use:

sudo iptables-save

3. Restoring iptables config can be done with:

sudo iptables-restore

• There are other interfaces such ipv6 tables which are used to manage filtering tables for IPv6.

The following are the some of the reasons to use Iptables in Linux:

• Firewall Configuration: It helps in enabling the precise control over the netowrk traffic to protect against unauthorized access and attacks.
• Packet Filtering: It allows in filtering based on the criteria like protocol, IP addresses and prots providing the security.
• Network Address translation (NAT): It facilitates with seamless communication between different network segments.
• Logging and Monitoring: It provides the insights into the network activity for providing feature sof security auditing and troubleshooting.

The following are the benefits of using iptable command:

• Robust Firewall Capabilities: It facilitates with configuration of firewall rules to control incoming and outgoing traffic, enhancing network security.
• Precise Packet Filtering: It provides the filtering based on criteria such as protocol, source/destination IP addresses, and ports, ensuring only authorized traffic passes through.
• Network Address Translation (NAT): It supports NAT functionality for translating IP addresses and ports, essential for network connectivity and management.
• Logging and Monitoring: It provides logging capabilities to monitor and analyze network traffic, aiding in security auditing and troubleshooting.

The following are the some of the features of Iptables:

• Packet Filtering: Iptables facilitates with providing filtering features for network packets based on various criteria such as source and destination IP addresses and ports.
• NAT: Iptables supports the NAT by allowing for the translation of the private IP address to public address making an essential for devices within a private network to establish the communication with external networks.
• Stateful Inspection: Through stateful inspection, iptables helps in tracking the state of network connections with providing the enhanced security by legitimating the traffic that is only allowed.

The following are the some of the usecases of Iptables:

• Firewall Protection: Iptables can be configured through blocking the unauthorized access and allow legitimate traffic. It facilitates with providing a robust firewall to secure a network or individual system.
• Traffic Shaping and Control: By setting rules, iptables we can manage and prioritize network traffic, ensuring critical services maintain performance and reducing congestion during peak usage times.
• Network Address Translation (NAT): iptables facilitates NAT, allowing multiple devices on a private network to access external networks using a single public IP address, essential for home and business networks.
• Port Forwarding: With iptables, administrators can redirect traffic from one port to another, enabling access to services running on different ports or internal servers from external networks.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4