What do you need to know about iptables?

iptables is a command line application and a Linux firewall that you can use to set up, maintain and inspect the kernel's tables of IP packet filter rules. Multiple tables can be defined. Each table can contain multiple chains. A chain is nothing but a set of rules.

What happens when a packet matches a rule in iptables?

When a packet matches a rule, it is given a target, which can be another chain or one of these special values:
ACCEPT – will allow the packet to pass through.
DROP – will not let the packet pass through.
RETURN – stops the packet from traversing through a chain and tells it to go back to the previous chain.

What is the default policy of the iptables chains?

Figure 3: Default iptables rules. As you can see from Figure 3, the FORWARD, INPUT and OUTPUT chains have a default policy of ACCEPT. Having a default policy of “ACCEPT” is considered insecure as it allows all traffic to flow in and out of your machine. The recommended default policy for the INPUT chain is “DROP”.

What is the best way to use iptables in SUSE?

iptables in SUSE can be configured via two different methods. The first method is using the YaST utility, either via a GUI (Graphical User Interface) or a curses-based interface as shown in Figure 1.1. The second method is using the “iptables” command, which allows you to create much more complex rules and also fine-tune your firewall.

How can I disable the iptables firewall?

sudo /sbin/iptables-save. This command saves the current rules to the system configuration file, which is used to reconfigure the tables at reboot. You should run this command every time you make changes to the rules. To disable this firewall, simply flush all the rules and make the changes persistent.

How to use iptables to reject all incoming traffic?

Rule: iptables to reject all incoming traffic except SSH and local connections. These rules will reject all incoming connections to the server except those on port 22 (SSH). They will also accept connections on the loopback interface.
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -p tcp --dport ssh -j ACCEPT
# iptables -A INPUT -j REJECT

How to make an iptables allow both HTTP and HTTPS?

If you want to allow both HTTP and HTTPS traffic, you can use the multiport module to create a rule that allows both ports. To allow all incoming HTTP (port 80) and HTTPS (port 443) connections, run this command:
sudo iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
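The answers above (default INPUT policy, the reject-all-except-SSH rules and the multiport HTTP/HTTPS rule) combine into one ruleset. The following added example, which is not from the original page, builds that ruleset in iptables-restore syntax so it can be reviewed before it is loaded, and includes a check for the insecure ACCEPT default shown in Figure 3. The function names, the argument defaults and the ESTABLISHED,RELATED/INVALID rules are my additions.

```shell
#!/bin/sh
# Emit the filter table in iptables-save/iptables-restore syntax.
# Rule order matters: loopback, established and the explicit service
# rules must come before the final REJECT, or they never match.
# $1 = SSH port (default 22), $2 = web ports (default 80,443); both assumed names.
build_ruleset() {
    ssh_port=${1:-22}
    web_ports=${2:-80,443}
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p tcp --dport ${ssh_port} -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -m multiport --dports ${web_ports} -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# Audit a saved ruleset (the text printed by iptables-save) for the
# insecure default from Figure 3: an INPUT chain whose policy is ACCEPT.
# Returns 0 when the INPUT policy is DROP, 1 otherwise.
input_policy_is_drop() {
    printf '%s\n' "$1" | grep -q '^:INPUT DROP'
}

# Usage (needs root). iptables-restore --test only parses the file, so a
# syntax error is caught before any rule is applied:
#   build_ruleset 22 80,443 > /tmp/rules.v4
#   iptables-restore --test /tmp/rules.v4 && iptables-restore /tmp/rules.v4
#   iptables-save | input_policy_is_drop "$(cat)" && echo "INPUT policy is DROP"
```

Loading with iptables-restore replaces the whole table atomically, so a half-applied ruleset (for example a REJECT rule appended before the SSH rule) cannot lock you out the way a sequence of individual iptables -A commands can.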
