Basics
IPTables Basics
Default Tables
filter Default Chains
- INPUT
- OUTPUT
- FORWARD
mangle Default Chains
- INPUT
- OUTPUT
- FORWARD
- PREROUTING
- POSTROUTING
nat Default Chains
- INPUT
- OUTPUT
- PREROUTING
- POSTROUTING
IPTables Chains Rules
- What exactly should happen to a packet
- Ordering is important
- Specify target using -j ACCEPT, DROP, REJECT, LOG
- Policy is the chain's default behavior when no rule matches, such as dropping everything
- Default table is filter
IPTables Structure
#iptables -A {CHAIN} [ -i/-o interface ] [ -s/-d addr ] -p [ udp/tcp ] --sport/--dport {port num} -j TARGET
---Example---
#iptables -A INPUT -i ens33 -s 192.168.1.0/24 -p tcp --dport 22 -j ACCEPT
Default Policy of Chain
#iptables [ -t filter | nat | mangle ] -P {CHAIN} [ ACCEPT | DROP ]
---Example---
#iptables -t filter -P INPUT DROP
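The chain rules above (ordering matters, LOG does not end traversal, the policy applies when nothing matches) as an added Python model. It is not part of the original page and not how netfilter is implemented. The DROP and LOG rules and the sample packet are constructed for illustration, and the parser assumes every option takes exactly one value.

```python
import ipaddress
import shlex

TERMINATING = {"ACCEPT", "DROP", "REJECT"}  # LOG matches but traversal continues

def parse_rule(line):
    """Parse an '-A CHAIN ...' rule written in the structure shown above."""
    tok = shlex.split(line)
    tok = tok[1:] if tok and tok[0] == "iptables" else tok
    opts = dict(zip(tok[0::2], tok[1::2]))  # assumption: option/value pairs only
    return {
        "chain": opts["-A"],
        "iface": opts.get("-i"),
        "src": ipaddress.ip_network(opts["-s"]) if "-s" in opts else None,
        "proto": opts.get("-p"),
        "dport": int(opts["--dport"]) if "--dport" in opts else None,
        "target": opts["-j"],
    }

def matches(rule, pkt):
    # An omitted match option (None) matches any packet
    return ((rule["iface"] is None or rule["iface"] == pkt["iface"]) and
            (rule["src"] is None or ipaddress.ip_address(pkt["src"]) in rule["src"]) and
            (rule["proto"] is None or rule["proto"] == pkt["proto"]) and
            (rule["dport"] is None or rule["dport"] == pkt["dport"]))

def verdict(rules, policy, chain, pkt):
    """Return (target, deciding rule number or None, rule numbers that logged)."""
    logged = []
    for n, rule in enumerate((r for r in rules if r["chain"] == chain), 1):
        if matches(rule, pkt):
            if rule["target"] in TERMINATING:
                return rule["target"], n, logged  # first terminating match wins
            logged.append(n)
    return policy, None, logged  # nothing terminated: chain policy decides

# Constructed sample packet and rules; ALLOW is the example rule from this page
SSH = {"iface": "ens33", "src": "192.168.1.10", "proto": "tcp", "dport": 22}
ALLOW = "iptables -A INPUT -i ens33 -s 192.168.1.0/24 -p tcp --dport 22 -j ACCEPT"
DENY = "iptables -A INPUT -p tcp --dport 22 -j DROP"
LOG_TCP = "iptables -A INPUT -p tcp -j LOG"
GOOD = [parse_rule(r) for r in (LOG_TCP, ALLOW, DENY)]  # specific allow first
BAD = [parse_rule(r) for r in (DENY, ALLOW)]            # broad DROP shadows allow

if __name__ == "__main__":
    print("good order:", verdict(GOOD, "DROP", "INPUT", SSH))
    print("bad order: ", verdict(BAD, "DROP", "INPUT", SSH))
    print("no match:  ", verdict(GOOD, "DROP", "INPUT", dict(SSH, dport=80)))
```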
Last updated on 26 Oct 2019
Published on 23 Nov 2018