After a long time, I finally had some time to write again, and this time I intend to post regularly. The reason for my absence? Well, now I have Dom
Without further ado, let's get to the point: what is iptables, what is it for, and where do I use it?
What is Iptables?
According to the short description from the creator of this package (Netfilter), iptables is a tool for creating and administering rules that filter network packets.
iptables can match on source address, source port, packet destination and priority. It works by comparing each packet against the rules to decide whether it is allowed through or not. In more restrictive firewalls, the blocked packet is also logged, so the system administrator knows what is going on in the system.
What is it for?
With iptables you can redirect ports, change a protocol (such as ssl3 to tls1), and redirect servers and services. You can create rules to block users on the network and to block access to services for certain IPs, among many other uses.
Directions for use
The most common form of the command is:
iptables [-t table] command [chain] [match options] [-j target]
Among the commands you can use:
- -P = Sets the default policy of a built-in chain;
- -A = Appends a new rule after the existing ones. Rules take precedence over the policy set with -P;
- -D = Deletes a rule;
- -L = Lists the existing rules;
- -S = Lists the existing rules in the form iptables saves them;
- -E = Renames a chain;
- -F = Flushes (clears) all rules in a chain;
- -I = Inserts a new rule at a given position;
- -h = Displays the help;
- -R = Replaces a rule;
- -C = Checks whether a given rule exists;
- -Z = Zeroes the packet and byte counters of a chain;
- -N = Creates a new chain with a given name;
- -X = Deletes a user-defined chain by name.
Each option has its own specific use and syntax. To see them all, just use:
Common commands of Iptables
Block an IP
iptables -A INPUT -s 192.168.254.10 -j DROP
If you want to block only on a specific interface, simply pass the -i parameter:
iptables -A INPUT -i eth0 -s 192.168.254.10 -j DROP
Open a port to specific IPs
In this example I used the ssh port, but any port could be used:
iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
Balancing port 443 between 3 different IPs
DNAT only exists in the nat table, so these rules need -t nat:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 0 -j DNAT --to-destination 192.168.1.101:443
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 1 -j DNAT --to-destination 192.168.1.102:443
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 2 -j DNAT --to-destination 192.168.1.103:443
The nth match comes from the old patch-o-matic extensions; current iptables ships the same round-robin behaviour as -m statistic --mode nth --every 3 --packet N.
Enable access to MySQL from the local network
iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT
Blocking DDoS attacks
iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
This accepts at most 25 packets per minute on port 80 after an initial burst of 100; packets over the limit simply fall through to the next rule, so they are only dropped if a DROP rule or a DROP policy follows.
Redirect port 422 to ssh (port 22)
iptables -t nat -A PREROUTING -p tcp -d 192.168.254.136 --dport 422 -j DNAT --to-destination 192.168.254.136:22
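As an added example that is not part of the original post, the rules above combined into a small default-deny baseline script. It runs in dry-run mode by default (it prints each iptables command instead of applying it), so it can be reviewed without root; the interface name eth0 and the management subnet 192.168.100.0/24 are assumptions taken from the examples above.

```shell
#!/bin/sh
# Added example (not from the original post): a minimal default-deny
# INPUT ruleset assembled from the rules shown above.
# DRY_RUN=1 (default) prints the commands; DRY_RUN=0 applies them as root.
DRY_RUN="${DRY_RUN:-1}"
WAN_IF="${WAN_IF:-eth0}"                    # assumed public interface
ADMIN_NET="${ADMIN_NET:-192.168.100.0/24}"  # assumed management subnet

# ipt: print the full command in dry-run mode, otherwise execute it.
ipt() {
    if [ "$DRY_RUN" = "1" ]; then
        printf 'iptables %s\n' "$*"
    else
        iptables "$@"
    fi
}

# apply_baseline: order matters, iptables evaluates rules top to bottom
# and the -P policy only decides packets that matched no rule at all.
apply_baseline() {
    ipt -F INPUT
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT ACCEPT
    # loopback and replies to connections we opened ourselves
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -A INPUT -m state --state INVALID -j DROP
    # ssh only from the management subnet (the "open a port" example)
    ipt -A INPUT -i "$WAN_IF" -p tcp -s "$ADMIN_NET" --dport 22 -m state --state NEW -j ACCEPT
    # http rate limit (the "DDoS" example); anything over the limit
    # falls through, is logged, and is then dropped explicitly
    ipt -A INPUT -p tcp --dport 80 -m state --state NEW -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
    ipt -A INPUT -p tcp --dport 80 -m limit --limit 5/minute -j LOG --log-prefix "http-ratelimit: "
    ipt -A INPUT -p tcp --dport 80 -j DROP
}

# count_input_rules: how many -A INPUT rules the baseline adds (dry-run only).
count_input_rules() {
    (DRY_RUN=1; apply_baseline) | grep -c ' -A INPUT '
}

if [ "${1:-}" = "run" ]; then
    apply_baseline
fi
```

Run it as `sh baseline.sh run` to print the ruleset, and `DRY_RUN=0 sh baseline.sh run` as root to apply it.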