Linux comes with a host-based firewall called Netfilter. 'iptables' is the user-space program that configures it for IPv4 filtering; 'ip6tables' does the same for IPv6. This post lists the simplest iptables commands a new Linux user needs to protect his or her Linux system from intruders.
Displaying the Status of Your Firewall
iptables -L -n -v
-L : List rules
-v : Display detailed information (packet and byte counters)
-n : Display IP address and port in numeric format
Do not use DNS to resolve names. This will speed up listing.
Stop / Start / Restart / Save / Delete the Firewall
service iptables stop
service iptables start
service iptables restart
service iptables save
iptables -F : Deleting (flushing) all the rules
iptables -X : Delete chain
Insert Firewall Rules
To insert one or more rules into the selected chain at a given rule number, use the following syntax. First find out the line numbers:
# iptables -L INPUT -n --line-numbers
iptables -I INPUT 2 -s 192.168.66.26 -j ACCEPT
Then save the rules (service iptables save), otherwise the change is lost on the next restart.
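The insert-then-save procedure above, as an added example that is not part of the original post. It inserts an ACCEPT rule for a trusted address at a chosen position in INPUT, but only after checking with 'iptables -C' that the identical rule is not already there, so running the script twice does not duplicate rules. The rule position, source address and output file are assumed values taken from this post; 'iptables-save' is used as the distribution-neutral counterpart of 'service iptables save'. With DRY_RUN=1 the commands are printed instead of executed, so the logic can be checked without root.

```shell
#!/bin/sh
# Added example (not from the original post): idempotent rule insertion
# followed by saving the ruleset. Assumes iptables and iptables-save are
# on PATH and the script runs as root unless DRY_RUN=1 is set.

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"          # dry run: show the command instead of running it
    else
        "$@"
    fi
}

# rule_exists CHAIN RULE... : 0 if the exact rule is already in CHAIN.
# In dry-run mode we cannot query the kernel, so assume it is absent.
rule_exists() {
    chain="$1"; shift
    if [ "${DRY_RUN:-0}" = "1" ]; then
        return 1
    fi
    iptables -C "$chain" "$@" 2>/dev/null
}

# insert_accept_host POSITION SOURCE_IP : insert "-s SOURCE_IP -j ACCEPT"
# at line POSITION of INPUT. POSITION must be a positive integer.
insert_accept_host() {
    pos="$1"; src="$2"
    case "$pos" in
        ''|*[!0-9]*|0) echo "bad rule position: $pos" >&2; return 2 ;;
    esac
    if rule_exists INPUT -s "$src" -j ACCEPT; then
        echo "rule for $src already present, skipping" >&2
        return 0
    fi
    run iptables -I INPUT "$pos" -s "$src" -j ACCEPT
}

# save_rules FILE : persist the running ruleset so it survives a restart.
save_rules() {
    out="$1"
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "iptables-save > $out"
    else
        iptables-save > "$out"
    fi
}

# Usage (values from the post): insert at line 2, then save.
# insert_accept_host 2 192.168.66.26
# save_rules /root/madhuka.active.firewall.rules
```

The '-C' check matters because 'iptables -I' happily inserts the same rule again every time the script runs, and a chain full of duplicates is hard to audit later.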
Restore Firewall Rules
To restore firewall rules from a file called /root/madhuka.active.firewall.rules, enter:
# iptables-restore < /root/madhuka.active.firewall.rules
Example - Block Facebook.com Domain
First, find out all IP addresses of facebook.com, enter:
# host -t a www.facebook.com
whois 31.13.91.36 | grep CIDR
CIDR: 31.13.90.0/63
To prevent outgoing access to www.facebook.com, enter:
# iptables -A OUTPUT -p tcp -d 31.13.90.0/63 -j DROP
You can also use a domain name, enter:
# iptables -A OUTPUT -p tcp -d www.facebook.com -j DROP
# iptables -A OUTPUT -p tcp -d facebook.com -j DROP
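The domain-blocking procedure above, as an added example that is not part of the original post. It resolves the domain with 'host', asks 'whois' for the CIDR of each address, and emits one OUTPUT DROP rule per distinct network, refusing any CIDR that is not a valid IPv4 prefix (a prefix length above 32, such as the /63 shown in the whois output above, cannot be applied and would make iptables reject the rule). Two points worth knowing that the post does not spell out: a rule written with '-d www.facebook.com' is resolved only once, when the rule is added, so it does not follow later DNS changes; and whois may list several comma-separated CIDRs on one line, which the script splits. The domain name, the DRY_RUN switch and the helper names are assumptions for this example.

```shell
#!/bin/sh
# Added example (not from the original post): generate DROP rules for the
# networks a domain resolves into, with CIDR validation. Assumes 'host',
# 'whois', 'sed' and 'awk' are installed; DRY_RUN=1 prints the rules
# instead of applying them.

# valid_ipv4_cidr A.B.C.D/N : 0 only if every octet is 0-255 and N is 0-32.
valid_ipv4_cidr() {
    case "$1" in
        */*) ;;
        *) return 1 ;;
    esac
    addr="${1%/*}"; plen="${1#*/}"
    case "$plen" in ''|*[!0-9]*) return 1 ;; esac
    [ "$plen" -le 32 ] || return 1
    oldifs="$IFS"; IFS=.
    set -- $addr
    IFS="$oldifs"
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# cidr_for_ip IP : print the CIDR(s) whois reports for IP, one per line.
cidr_for_ip() {
    whois "$1" | sed -n 's/^CIDR:[[:space:]]*//p' | tr ',' '\n' | tr -d ' '
}

# resolve_a NAME : print the IPv4 addresses NAME currently resolves to.
resolve_a() {
    host -t a "$1" | awk '/has address/ {print $NF}'
}

# block_rule CIDR : print the rule dropping outgoing TCP to CIDR, or fail
# if CIDR is not a valid IPv4 prefix.
block_rule() {
    valid_ipv4_cidr "$1" || { echo "refusing invalid CIDR: $1" >&2; return 1; }
    echo "iptables -A OUTPUT -p tcp -d $1 -j DROP"
}

# block_domain NAME : one DROP rule per distinct valid CIDR behind NAME.
block_domain() {
    seen=""
    for ip in $(resolve_a "$1"); do
        for cidr in $(cidr_for_ip "$ip"); do
            case " $seen " in *" $cidr "*) continue ;; esac   # skip duplicates
            seen="$seen $cidr"
            cmd=$(block_rule "$cidr") || continue
            if [ "${DRY_RUN:-0}" = "1" ]; then echo "$cmd"; else $cmd; fi
        done
    done
}

# Usage: DRY_RUN=1 block_domain www.facebook.com   (prints the rules)
```

Because the rules are keyed on the networks whois reports rather than on the host name, they keep working when the domain's individual addresses rotate inside the same allocation; re-run the script if the allocation itself changes.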
iptables rules file
The saved rules live in the file below; you can edit it directly, but only if you know the format well:
vi /etc/sysconfig/iptables