Netfilter is the Linux kernel’s network packet filtering subsystem and iptables is the command used to configure it. iptables is just like the administrative tool for IPv4 packet filtering and NAT. CCNA Labs HSRP Configuration on GNS3 and Packet Tracer
Iptables uses policy chains for allowing and blocking network traffic. Let’s look at a simple example in order to understand it better.
Suppose we want to allow connections from 192.168.10.0/24 subnet of our network to ssh to our server, we’ll execute the following iptables commands on our Linux server with ssh daemon running. You must run them as a root user.
sudo iptables -A INPUT -p tcp --dport 22 -s 192.168.10.0/24 -m state --state NEW,ESTABLISHED -j ACCEPT
The following options were used in the above iptables configuration:
-p: This specifies the protocol type. It’s normally tcp or udp.
-s: this specifies the source of the packets to be filtered using our set iptables rules.Can be a single ip address or a subnet.
-A: This means that we’re appending the rule to the existing set of rules.
-j: jump to a specific response, in our case it’s ACCEPT. Reject and drop can also be used.
-m: This option is used to specify the state of a connection. Our iptables rule above allow for a new connection to be made and our server to ssh outside.
After creating the rules, we need to save the changes to the iptables config file for then to take effect. On Debian, Kali and Ubuntu systems, this is achieved using the command below.
On RHEL and CentOS 7, type the command
sudo /etc/ini.d/iptables save
If you need at any point to default to drop a file for all connections. Below are the command rules:
sudo iptables --policy INPUT DROP sudo iptables --policy OUTPUT DROP sudo iptables --policy FORWARD DROP
To default to accept, type
sudo iptables --policy INPUT ACCEPT sudo iptables --policy INPUT ACCEPT sudo iptables --policy INPUT ACCEPT
This marks the end of our tutorial on introduction to iptables. More iptables tutorials will come. Thanks for taking your time to read it.