IPTABLES How To Save Restore iptables | iptables Basic Knowledge Base


iptables contains a generic table structure and acts as the firewall. It contains chains and rules. Information passes to another computer through the network in packets. A network packet is a collection of data in a specified format and size. These packets contain a source and a destination address. Only if a client request matches a chain or rule is the resource provided; otherwise it is restricted.
iptables - Linux Kernel Firewall - Netfilter Module - Packet Filtering.

IPTABLES Rules Chain Architecture

How To Save The iptables
#iptables-save > /root/redhat_iptables.rules
It will save the iptables rules into the file redhat_iptables.rules.
How To Restore The iptables
#iptables-restore < /root/redhat_iptables.rules
To restore iptables, load the rules from the file saved earlier, redhat_iptables.rules.

iptables Different Options
-A Append: add the rule to the end of the chain
-s Source address
-d Destination address
-p Protocol
-j Jump to the target (the action to take)
--dport Specify the destination port
--sport Specify the source port
-i Input interface, for example eth0

iptables Syntax
#iptables -A CHAIN -p tcp/udp [options] -j ACTION
#iptables -L >> list the iptables rules
#iptables -D >> delete an iptables rule

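Delete (Flush) iptables
# iptables --flush
This command deletes all the rules in the table (filter, unless another table is selected with -t) and gives a fresh, empty set of chains. It does not reset the chain policies.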

iptables Some Examples
#iptables -A INPUT -p tcp -s 0/0 -d <destination-address> --sport 513:23 --dport 22 -j ACCEPT
#iptables -A INPUT -s 0/0 -i eth0 -d <destination-address> -p TCP -j ACCEPT
It will accept TCP packets from any network (0/0) arriving through interface eth0 and destined to <destination-address>.
To delete a rule, use option -D: put -D in place of -A.
#iptables -D INPUT -s 0/0 -i eth0 -d <destination-address> -p TCP -j ACCEPT

How to Disable ssh, telnet, ftp Using iptables
1)#iptables -A INPUT -s <source-address> -p tcp --dport 22 -j REJECT/DROP - SSH
For telnet and ftp the rule is the same; only the port number changes.
2)#iptables -A INPUT -s <source-address> -p tcp --dport 23 -j REJECT/DROP - Telnet
3)#iptables -A INPUT -s <source-address> -p tcp --dport 21 -j REJECT/DROP - FTP

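How to Restrict a Website Using iptables
#iptables -A INPUT -s .orkut.com -j DROP
iptables resolves a host name to its IP addresses once, when the rule is added; the rule itself stores the addresses.
How to View the iptables Log File
#iptables -A OUTPUT -j LOG
#iptables -A INPUT -j LOG
#iptables -A FORWARD -j LOG
These rules send every packet on the OUTPUT, INPUT and FORWARD chains to the LOG target, which writes an entry to the kernel log.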
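
Because -A appends to the end of a chain and the first matching ACCEPT, DROP or REJECT rule decides the packet, the order in which the rules on this page are added matters. The script below is an added example, not part of the original post: it walks the INPUT chain of an iptables-save dump for one packet and reports which rule or policy decides it. The sample dump, the helper name verdict and the reduced packet model (input interface, protocol, destination port) are assumptions made for the illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from a real host).
# The rules were appended with -A in this order: LOG, ACCEPT, REJECT.
SAMPLE='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -j LOG
-A INPUT -i eth0 -p tcp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable
COMMIT'

# verdict IFACE PROTO DPORT (hypothetical helper): reads an iptables-save dump
# on stdin and prints which INPUT rule, or the chain policy, decides the packet.
verdict() {
  awk -v ifc="$1" -v proto="$2" -v port="$3" '
    /^\*/              { table = substr($0, 2); next }
    table != "filter"  { next }
    $1 == ":INPUT"     { policy = $2; next }
    $1 == "-A" && $2 == "INPUT" {
      n++; hit = 1; target = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-i")      { if ($(++i) != ifc) hit = 0 }
        else if ($i == "-p") { if (tolower($(++i)) != proto) hit = 0 }
        else if ($i == "-m") { i++ }                 # skip the module name
        else if ($i == "--dport") {
          split($(++i), r, ":"); lo = r[1]; hi = (r[2] == "" ? lo : r[2])
          if (port + 0 < lo + 0 || port + 0 > hi + 0) hit = 0
        }
        else if ($i == "-j") { target = $(++i); break }
        else {               # unmodelled match (-s, !, ...): refuse to guess
          print "UNKNOWN rule " n; decided = 1; exit
        }
      }
      if (!hit || target == "LOG") next              # LOG never ends the walk
      if (target ~ /^(ACCEPT|DROP|REJECT)$/) print target " rule " n
      else print "UNKNOWN rule " n
      decided = 1; exit
    }
    END { if (!decided) print policy " policy" }
  '
}

# The ACCEPT appended first wins on eth0, so the later port 22 REJECT is
# only reached by packets from other interfaces.
printf "%s\n" "$SAMPLE" | verdict eth0 tcp 22   # ACCEPT rule 2
printf "%s\n" "$SAMPLE" | verdict eth1 tcp 22   # REJECT rule 3
printf "%s\n" "$SAMPLE" | verdict eth0 udp 53   # DROP policy
```

Rules that use a match the script does not model (for example -s) are reported as UNKNOWN instead of being guessed.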
