Website Scripts And Cloud Tutorials

Linux IPTABLES Beginners Guide

Byadmin

Dec 21, 2015
IPTABLES Firewall Tutorials

Last updated on May 5th, 2016 at 01:40 am

Click to rate this tutorial!
[Total: 0 Average: 0]

Linux IPTABLES Beginner’s Guide :- Add Firewall Rules With Ease

This is just a beginners guide tutorial on IPTABLES. It is a vast topic and I am only covering a part of it. In this tutorial we will see simple uses of IPTABLES and also how to

  1. View chains & Listing rules
  2. Adding a new chain
  3. Add Rules
  4. Delete Rules
  5. Restarting & Saving IPTABLES

Please don’t confuse with IDS and IPTABLES as both are different. IPTABLES cannot scan any port for intrusion detection. It can only be done by Intrusion Detection Systems like Tripware, PortSentry, Swatch etc., IPTABLES can only block / prevent / Forward access to ports / protocols.

Chains Types In IPTABLES

——————–
3 types of chain

a)INPUT
b)FORWARD
c)OUTPUT

In linux you can list your rules in iptables using iptables -L command

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

INPUT chain as the name suggests will check all the input packets to the host.
FORWARD chain forwards all packets to another machines. It is not destined for this host.
OUTPUT chain are for packets destined to other machines.

Adding a new chain in IPTABLES

—————————–
We can use -N switch in iptables to add a new chain.

[[email protected]]# iptables -N new_chain
[[email protected]]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain new_chain (0 references)
target     prot opt source               destination
[[email protected] ~]#

Add a new rule in IPTABLES

————————–
A new rule can be added to a chain using -A switch, followed by switches like -p for protocol, –dport for port, -J for ACCEPT / DROP etc.,
Here is a simple rule to access SSH connection

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Here is another rule to reject all HTTP request to port 80

iptables -A INPUT -p TCP --dport 80 -j DROP

*NOTE:- Please don’t lock yourself by rejecting access to PORT 22 (SSH)

Delete Rules in IPTABLES

————————
To delete a rule from IPTABLES the best method is to list the line numbers (–line-number) and use -D option as shown below

[[email protected]]# iptables -L INPUT --line-number
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
2    ACCEPT     all  --  anywhere             anywhere
3    INPUT_direct  all  --  anywhere             anywhere
4    INPUT_ZONES_SOURCE  all  --  anywhere             anywhere
5    INPUT_ZONES  all  --  anywhere             anywhere
6    ACCEPT     icmp --  anywhere             anywhere
7    REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
8    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
9    DROP       tcp  --  anywhere             anywhere             tcp dpt:http
[[email protected]]# iptables -D INPUT 9
[[email protected]]# iptables -L INPUT --line-number
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
2    ACCEPT     all  --  anywhere             anywhere
3    INPUT_direct  all  --  anywhere             anywhere
4    INPUT_ZONES_SOURCE  all  --  anywhere             anywhere
5    INPUT_ZONES  all  --  anywhere             anywhere
6    ACCEPT     icmp --  anywhere             anywhere
7    REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
8    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh

Restarting & Saving IPTABLES

—————————-
IPTABLES rules are set temporarly in the memory until we use command iptables save

service iptables save 

If we reboot the machine all settings wil be lost unless we saved it using the above command.

To restart IPTABLES use the command below

# service iptables restart
iptables: Setting chains to policy ACCEPT: nat filter mangl[  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
#
Click to rate this tutorial!
[Total: 0 Average: 0]

Leave a Reply

Your email address will not be published.