IPTABLES - How to Enable / Disable in Linux

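How to disable IPTABLES?
========================

Save the current rules, stop the service, and keep it from starting at boot. While the service is stopped, nothing filters inbound traffic on this host.

# service iptables save
# service iptables stop
# chkconfig iptables off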


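To clear the iptables rules, use the commands below:
====================================================

-F flushes the rules and -X deletes user-defined chains in the filter, nat and mangle tables; -P sets the default policy of a built-in chain. Over SSH on a host whose INPUT policy is DROP, run the two -P commands first: the flush removes the ACCEPT rules, and the session is cut before the policy is changed.

# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X
# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT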

How to enable IPTABLES?
=======================

Start the service and enable it at boot:

# /etc/init.d/iptables start

# chkconfig iptables on

Keep a copy of the running rule set:

# iptables-save > /root/working.fw


To restore rules:
=================

Load a saved rule set from a file:

# iptables-restore < /root/firewall.rules

Write the running rule set to that file:

# iptables-save > /root/firewall.rules


To list the iptables rules:
===========================

# iptables --list

# iptables -L

To delete iptables rules:
=========================

# iptables --flush

To delete the rules of one particular chain (here OUTPUT):

# iptables --flush OUTPUT


Some basic rules:
=================


Interface level:

Allow incoming packets at interface level

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -j ACCEPT # accepts every packet arriving on eth0

# Accept packets from a trusted IP address

 iptables -A INPUT -s 192.168.0.4 -j ACCEPT # change the IP address as appropriate

# Accept packets from a trusted range of IP addresses

 iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT   # using standard slash notation
 iptables -A INPUT -s 192.168.0.0/255.255.255.0 -j ACCEPT # using a subnet mask


# Accept tcp packets on destination port 6881 (bittorrent)

 iptables -A INPUT -p tcp --dport 6881 -j ACCEPT


# Accept tcp packets on destination ports 6881-6890

 iptables -A INPUT -p tcp --dport 6881:6890 -j ACCEPT


Rules for SSH:
===========

# Accept tcp packets on destination port 22 (SSH)

 iptables -A INPUT -p tcp --dport 22 -j ACCEPT


# Accept tcp packets on destination port 22 (SSH) from private LAN
 iptables -A INPUT -p tcp -s 192.168.0.0/24 --dport 22 -j ACCEPT
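
All of the rules above are appended with -A and evaluated top to bottom, so an early broad ACCEPT (such as the one on eth0) decides the packet before the narrower SSH rules are reached. The following is an added example, not part of the original post: a shell function that audits a dump in iptables-save format for that ordering problem, for SSH open to any source, and for a default ACCEPT policy. The function names and the sample dump are constructed for illustration.

```shell
# Added example: audit the INPUT chain of a dump in iptables-save format (stdin).
# It only reads text and never touches the live firewall.
audit_input_chain() {
    awk '
    /^\*/ { table = substr($1, 2); next }     # table header: *filter, *nat, ...
    table != "filter" { next }
    $1 == ":INPUT" { policy = $2; next }      # policy line, e.g. ":INPUT ACCEPT [0:0]"
    $1 != "-A" || $2 != "INPUT" { next }
    {
        n++
        src = iface = proto = dport = target = ""; extra = 0
        for (i = 3; i <= NF; i++) {
            if      ($i == "-s")      src    = $(++i)
            else if ($i == "-i")      iface  = $(++i)
            else if ($i == "-p")      proto  = $(++i)
            else if ($i == "--dport") dport  = $(++i)
            else if ($i == "-j")      target = $(++i)
            else if ($i == "-m" && $(i + 1) == proto) i++   # implicit "-m tcp"
            else extra = 1            # a match this script does not model
        }
        if (target != "ACCEPT" || extra) next
        if (!blanket && src == "" && proto == "" && iface != "lo") {
            blanket = n               # first rule that accepts a whole interface
            where = (iface == "" ? "any interface" : iface)
        } else if (proto == "tcp" && dport == "22" && src == "")
            printf "OPEN-SSH rule %d: port 22 accepted from any source\n", n
    }
    END {
        if (blanket && n > blanket)
            printf "SHADOW rule %d: accepts everything on %s, %d later rule(s) add nothing there\n", blanket, where, n - blanket
        if (policy == "ACCEPT")
            print "POLICY INPUT: default ACCEPT, unmatched packets are let in"
    }'
}
# Constructed sample: the rules from this page as iptables-save would print them.
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 6881:6890 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}
sample_dump | audit_input_chain
```

To check a saved rule set, run `audit_input_chain < /root/firewall.rules`.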

