Iptables: Difference between revisions

From KlavoWiki
Jump to navigationJump to search
← Older editNewer edit →
No edit summary
Line 4: Line 4:
OUTPUT
OUTPUT
FORWARD
FORWARD
</pre>
= Default Behaviour =
== Drop ==
Drop all packets by default
<pre>
iptables -P INPUT DROP
</pre>
== Accept ==
Accepts all packets by default
<pre>
iptables -P INPUT ACCEPT
</pre>
</pre>


Revision as of 03:10, 29 August 2014

Chains

INPUT
OUTPUT
FORWARD

Default Behaviour

Drop

Drop all packets by default 

iptables -P INPUT DROP

Accept

Accepts all packets by default 

iptables -P INPUT ACCEPT

Drop

Drop from Source 

iptables -I INPUT -s 23.253.232.189 -j DROP

-I Insert
-A Append

-s Source
-d Destination


List

Current tables

iptables -L -v

-L List
-v verbose

with Line Numbers

iptables -L -n --line-numbers

List Chain

iptables -L INPUT -n --line-numbers

Delete

by Rule Number

iptables -D INPUT 3

by Rule Name

iptables -D INPUT -s 23.253.232.189 -j DROP

Delete All

Delete all rules 

iptables --flush

Rules

Saving

iptables-save > /opt/firewall.conf

Restoring

iptables-restore < /opt/firewall.conf

Automatic Load on Restart

Based on Debian, once your tables are operating as required 

iptables-save > /etc/iptables.up.rules

vi /etc/network/if-pre-up.d/iptables

add the following lines 

#!/bin/sh
/sbin/iptables-restore < /etc/iptables.up.rules

chmod +x /etc/network/if-pre-up.d/iptables
Retrieved from ‘https://klaverstyn.com.au/david/wiki/index.php?title=Iptables&oldid=1664