You may have heard of firewalls. A firewall is a security solution that monitors and controls the traffic coming into and going out of a system. iptables is the firewall built into Linux. You can use iptables to define rules that filter unwanted inbound and outbound traffic on your system. In this tutorial we will see how to do this.
Overview of IPTABLES
iptables consists of four tables of rules. Each table has its own specific purpose.
- Filter table
The filter table is designed to provide our servers and clients with basic security. This is the only table we normally use.
- NAT table
The NAT (Network Address Translation) table is used to connect the public Internet to private networks.
- Mangle table
The mangle table is used to modify network packets as they pass through the firewall.
- Security table
The security table is only used on systems on which SELinux is installed.
Since we are currently only interested in the basic protection of the host, we will only look at the filter table. Each table consists of chains of rules, and the filter table consists of the INPUT, OUTPUT and FORWARD chains. We will first check our current configuration with the following command.
This is the output we get. It covers IPv4; to see the IPv6 configuration, we use the following command.
In both cases you see that there are no rules and that the machine is wide open.
Basic iptables options
Here I explain some basic iptables options you can use.
Blocking a specific IP address
In this example, we write a rule that blocks all incoming traffic from an IP address (192.168.1.1).
# iptables -t filter -A INPUT -s 192.168.1.1 -j REJECT
This command uses the -t option to specify the table to be used. The -A option appends a rule to the end of the specified chain. The -s option specifies the source IP address to match. The -j option tells iptables to reject the matching incoming traffic by jumping to the REJECT target.
Blocking outgoing traffic
This is an example of blocking all outgoing traffic to a specific IP address (192.168.1.2).
# iptables -t filter -A OUTPUT -d 192.168.1.2 -j DROP
The rule uses the -d option to specify the destination IP address. The -j option drops all matching traffic using the DROP target. Target names are case-sensitive, so the target must be written in capitals.
To list the rules we have created, with line numbers, you can use the following command.
We can delete a rule with the -D option, as shown below.
# iptables -D INPUT -s 135.53.77.43 -j REJECT
We now have to save the iptables rules we made so that they survive a reboot. For this you can use the following command.
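As an added example (not part of the original tutorial), this shell function reads `iptables-save` output and reports, for each chain of the filter table, its default policy and rule count, flagging a chain with policy ACCEPT and no rules as OPEN. The function name, the verdict labels and both sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# Summarise the filter table from iptables-save output on stdin:
# one line per chain, "<chain> policy=<P> rules=<N> <verdict>".
audit_filter() {
    awk '
        /^\*/ { in_filter = ($1 == "*filter"); next }  # table header
        !in_filter { next }                            # skip nat, mangle, ...
        /^:/ {                                         # ":INPUT ACCEPT [0:0]"
            chain = substr($1, 2); order[++n] = chain
            policy[chain] = $2; count[chain] = 0
            next
        }
        $1 == "-A" { count[$2]++ }                     # "-A INPUT -s ... -j REJECT"
        END {
            for (i = 1; i <= n; i++) {
                c = order[i]
                if (policy[c] == "-") v = "user-chain"
                else if (policy[c] != "ACCEPT") v = "default-deny"
                else if (count[c] == 0) v = "OPEN"
                else v = "default-accept"
                printf "%s policy=%s rules=%d %s\n", c, policy[c], count[c], v
            }
        }
    '
}

# Constructed sample: no rules at all, the state the page calls wide open.
sample_empty() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' 'COMMIT'
}

# Constructed sample: the same host after the two rules from this page.
sample_rules() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -s 192.168.1.1/32 -j REJECT --reject-with icmp-port-unreachable' \
        '-A OUTPUT -d 192.168.1.2/32 -j DROP' 'COMMIT'
}

sample_empty | audit_filter
sample_rules | audit_filter
# On a real host, as root: iptables-save | audit_filter
```

The second sample shows that the two rules from this page each block a single address while the default policy stays ACCEPT, so all other traffic still passes.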
In the next lesson, we will learn how to perform SSH coding and SSH hardening.
Ruvantha Nissanka is a Sri Lankan engineer specialized in cybersecurity. He has extensive experience in providing cyber security services to many organizations in Sri Lanka. He is a positive person who wants to believe in the best in others and who likes to help, encourage and make people feel good.