What is iptables? How to manage iptables?

Posted at January 28, 2017 at 11:39 am by Jithin

You should take security very seriously if you own a web application. Customers will not stay with a service where they cannot get good security. If you have a shared hosting account, the security options you can customize are limited. If you own a server such as a VPS, quick server or dedicated server, you can customize it according to your needs, since the server is yours and you have full control over your website. There are many ways to protect a server from web attacks and many tools for doing so, but the basic and primary security measure you can take is configuring the firewall. iptables is an unavoidable topic when dealing with firewalls. In this documentation, we are going to discuss iptables in detail.

 

What is iptables?

iptables is an application program, written mostly in the C language and released under the GNU General Public License. You can manage iptables from the command line, and there are also front-end applications for managing it. Please be aware that in RHEL/CentOS 7, iptables has been replaced by firewalld, the newer implementation of filtering rules.

 

Structure of iptables

iptables can be managed from the console quite easily. There are commands for the various actions, each used with the required options. Before looking at the commands, we are going to discuss the tables and chains associated with iptables.

 

Tables and chains in iptables

iptables has four built-in tables. They are listed below.

1) Filter Table

2) NAT Table

3) Mangle Table

4) Raw Table

Let’s see each one in detail.

 

1) Filter Table

The filter table is the default table of iptables: it is the table used when no other table is explicitly specified. There are three built-in chains in this table.

1) The INPUT chain

2) The OUTPUT chain

3) The FORWARD chain

The INPUT chain

This chain handles the incoming traffic to the firewall, that is, the data packets coming into the server.

The OUTPUT chain

The OUTPUT chain handles the outgoing traffic from the firewall, that is, the packets leaving the server.

The FORWARD chain

This chain is for packets that arrive on one network interface of the server and are destined for another, i.e. packets that are routed through the server itself rather than addressed to it.

 

2) NAT Table

The next table is the NAT table. NAT stands for Network Address Translation, the process of remapping one IP address into another by modifying the network address information in the IP datagram headers. The NAT table contains the following chains.

1) PREROUTING chain

2) POSTROUTING chain

3) OUTPUT chain

 

3) Mangle Table

The Mangle table is for specialized packet alteration, for example altering the QoS bits in the TCP header. The chains in the Mangle table are the following.

1) PREROUTING chain

2) OUTPUT chain

3) FORWARD chain

4) INPUT chain

5) POSTROUTING chain

 

4) RAW Table

In iptables, the RAW table is used for configuring exemptions from connection tracking. The two chains in the RAW table are listed below.

1) PREROUTING chain

2) OUTPUT chain

 

Managing iptables

Here we are going to see some commands used to manage iptables.

1) Command to flush iptables, i.e. delete all rules from its chains.

# iptables -F

2) Before opening ports for selected services, allow traffic on the loopback interface with the following command.

# iptables -A INPUT -i lo -j ACCEPT

This tells iptables to append a rule to the INPUT chain that accepts any traffic arriving on the loopback interface (localhost).

3) Suppose we are going to open port 587. We have to enter the following command.

# iptables -A INPUT -p tcp -m tcp --dport 587 -j ACCEPT

4) To block all connections from a single IP address.

# iptables -A INPUT -s 1.1.1.1 -j DROP

Here 1.1.1.1 is the IP address we are blocking. Since -A appends the rule to the end of the chain, an earlier ACCEPT rule matching the same traffic would take precedence; use -I INPUT instead of -A INPUT to place the block at the top of the chain.

5) To block SSH connections for everyone.

# iptables -A INPUT -p tcp --dport ssh -j DROP

Be aware that this also drops the packets of the SSH session you are running the command from, unless an earlier rule accepts established connections.

To save the iptables rules so that they survive a reboot:

# /sbin/service iptables save

On CentOS 7, where firewalld is the default, this command requires the iptables-services package.

6) To list the current iptables rules, use the following command.

# iptables -L
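As an added example (not part of the original article), the following shell script assembles the individual commands above into one default-deny INPUT policy. The names IPT, BLOCKED_IP, baseline_rules and count_rules are chosen here, and 198.51.100.7 is a constructed placeholder address; setting IPT=echo prints the commands instead of applying them, so the policy can be reviewed without root before it is applied.

```shell
#!/bin/sh
# Added example: one script that applies the article's commands as a
# default-deny INPUT policy. IPT and BLOCKED_IP are names chosen for this
# example; 198.51.100.7 is a constructed placeholder address.
IPT="${IPT:-iptables}"
BLOCKED_IP="${BLOCKED_IP:-198.51.100.7}"

# baseline_rules PORT... : apply (or, with IPT=echo, print) the rule set
# that opens the given TCP ports and drops everything else.
baseline_rules() {
    # Start from an empty INPUT chain so the result is reproducible.
    "$IPT" -F INPUT
    # The blocked address goes first: the earliest matching rule in a
    # chain wins, so no later ACCEPT can let this host through.
    "$IPT" -A INPUT -s "$BLOCKED_IP" -j DROP
    # Loopback traffic is always accepted, as in the article.
    "$IPT" -A INPUT -i lo -j ACCEPT
    # Keep already-accepted sessions (including the SSH session running
    # this script) and replies to connections the server opened itself.
    "$IPT" -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Open each requested service port for new TCP connections.
    for port in "$@"; do
        "$IPT" -A INPUT -p tcp -m tcp --dport "$port" -j ACCEPT
    done
    # Default deny: whatever was not matched above is dropped. Make sure
    # your own SSH port is in the list before running this remotely.
    "$IPT" -P INPUT DROP
}

# count_rules PORT... : number of iptables commands the policy will issue,
# computed by printing the commands instead of running them (no root needed).
count_rules() {
    (IPT=echo; baseline_rules "$@") | wc -l | tr -d ' '
}

# Apply only when explicitly requested: APPLY=yes ./firewall.sh
# Review first with: IPT=echo ./firewall.sh (prints, does not apply).
if [ "${APPLY:-no}" = yes ]; then
    baseline_rules 22 80 587   # SSH, HTTP and the article's port 587
fi
```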

 

If you need any further assistance please contact our support department.
