This is my first tutorial on firewall configuration in Linux using iptables. In this tutorial we will learn how to use and configure iptables to secure a server or a network. A firewall is an integrated part of a computer system or network infrastructure, designed to allow authorized communication and block unauthorized access. We will learn how to allow a specific IP address using iptables and also how to deny a specific IP address.
- We will learn how to list the iptables rules.
- We will also learn how to flush the iptables rules.
- We will also set default rules for the firewall.
- We will learn to allow internal traffic on the loopback device.
- We will also learn how to allow established connections.
- We will see rules to block all NULL packets.
- We will also learn to block XMAS packets using iptables.
How to save iptables rules after making any change to your firewall rules:
#service iptables save
How to start the firewall service:
#service iptables start
How to restart the firewall (iptables) service:
#service iptables restart
How to stop the firewall (iptables) service:
#service iptables stop
To enable or disable the firewall (iptables) service at boot, so that the saved rules are loaded again after a system reboot, use the commands below.
#chkconfig iptables on
#chkconfig iptables off
Default firewall (iptables) rules are saved in the files below:
/etc/sysconfig/iptables (saved rules for IPv4)
/etc/sysconfig/ip6tables (saved rules for IPv6)
IPTABLES BASIC CONFIGURATION
Here I will just give some simple examples of iptables settings.
Deny all connections by default (these rules are appended to the end of each chain, so any ACCEPT rule appended after them with -A is never reached; add them last):
#iptables -A INPUT -j DROP
#iptables -A OUTPUT -j DROP
#iptables -A FORWARD -j DROP
Accept packets from a particular IP address (here 192.168.0.100):
#iptables -A INPUT -s 192.168.0.100 -j ACCEPT
Reject packets from a particular IPv4 address (here 192.168.0.100 is the address we want to reject; REJECT sends an error back to the sender):
#iptables -A INPUT -s 192.168.0.100 -j REJECT
Drop packets from a particular IPv4 address (DROP discards the packet silently):
#iptables -A INPUT -s 192.168.0.100 -j DROP
Accept incoming packets on TCP port 22 (SSH):
#iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Accept outgoing packets from your TCP port 22:
#iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
List firewall rules:
#iptables -L
List firewall rules of the filter table only:
#iptables -t filter -L
List firewall rules of the NAT table:
#iptables -t nat -L
List firewall rules of the mangle table:
#iptables -t mangle -L
Flush/delete firewall rules (flush all rules, delete user-defined chains, and zero the packet counters):
#iptables -F
#iptables -X
#iptables -Z
Flush/delete firewall rules of the filter table only:
#iptables -t filter -F
Flush/delete firewall rules of the NAT table only:
#iptables -t nat -F
Flush/delete firewall rules of the mangle table only:
#iptables -t mangle -F
Block NULL packets (DoS), i.e. TCP packets with no flags set:
#iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
Block syn-flood attacks (DoS): drop new TCP connections that do not start with a SYN packet.
#iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
Block XMAS packets (DoS), i.e. TCP packets with all flags set:
#iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
Allow internal traffic on the loopback device:
#iptables -A INPUT -i lo -j ACCEPT
Allow SSH access:
#iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
Allow established connections:
#iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Allow all outgoing connections:
#iptables -A OUTPUT -j ACCEPT
Set the default deny firewall policy (append this last, after all ACCEPT rules):
#iptables -A INPUT -j DROP
Save the iptables/firewall rules:
#service iptables save
Never forget to run the above command after every change made to your iptables rules; otherwise the changes are lost when the service is restarted or the system reboots.
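The rules above assembled into one ordered baseline script, as an added example that is not part of the original tutorial. It checks that the catch-all DROP is the last INPUT rule before applying anything; 192.168.0.100 is the tutorial's example address (used here as a blocked host), and the function names are this script's own.

```shell
#!/bin/sh
# Added example, not from the original tutorial: its rules assembled into one
# ordered baseline. Chains are evaluated top to bottom, so the catch-all
# "-A INPUT -j DROP" must be the LAST INPUT rule or no ACCEPT is ever reached.
# 192.168.0.100 is the tutorial's example address, used here as a blocked host.
# baseline_rules, check_order and apply_baseline are this script's own names.

# Print the rule set in evaluation order, one command per line.
baseline_rules() {
    cat <<'EOF'
iptables -F
iptables -X
iptables -Z
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -s 192.168.0.100 -j DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A INPUT -j DROP
EOF
}

# Ordering check: the catch-all DROP must be the final INPUT rule, appear only
# once, and the loopback ACCEPT must be present. Returns 0 when the order is safe.
check_order() {
    input=$(baseline_rules | grep -- '-A INPUT')
    [ "$(printf '%s\n' "$input" | tail -n 1)" = 'iptables -A INPUT -j DROP' ] || return 1
    [ "$(printf '%s\n' "$input" | grep -cx 'iptables -A INPUT -j DROP')" -eq 1 ] || return 1
    printf '%s\n' "$input" | grep -q -- '-i lo -j ACCEPT'
}

# Apply the rules (root required) and persist them the way the tutorial does.
apply_baseline() {
    check_order || { echo 'unsafe rule order, refusing to apply' >&2; return 1; }
    baseline_rules | while IFS= read -r cmd; do
        $cmd || exit 1          # word-splitting turns the line into argv
    done && service iptables save
}

case "${1:-}" in
    apply) apply_baseline ;;    # invoked as: sh <this file> apply
esac
```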
Very soon I will write part 2 of this iptables tutorial with some advanced firewall configuration rules.