Monday 1 August 2016

Iptables linux firewall simple command

What is Iptables ?

Iptables is a rule based firewall and it is pre-installed on Linux operating system which control the incoming and outgoing traffic. We can create chain rule and block black listed IP.

For example:

 Block IP:

If we got DDOS attack on web server from 192.168.1.10 now we can block the inbound traffic from this IP using Iptabes.

iptables -D INPUT -s 192.168.1.10 -j DROP

or range of IP

iptables -A INPUT -s 192.168.0.0/24 -j DROP

Now from 192.168.1.10 will not able to access anything on your server.

Restricting access with mac address :

 iptables -A INPUT -m mac --mac-source 0E:0F:EA:91:04:08 -j DROP

iptables -A INPUT -m mac --mac-source 0E:0F:EA:91:04:08 -j ACCEPT


Restricting access on port:

iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT

iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 25-j ACCEPT

Port 22(SSH) and 25(SMTP)  is accessible only from 192.168.1.0/24

List of rule :

iptables -L -n -v

-L : List rules.
-v : Display detailed information. 
-n : Display IP address and port in numeric format.

Deleting rule :

iptables -D INPUT -s 192.168.0.10 -j DROP

iptables -D INPUT -m mac --mac-source 0E:0F:EA:91:04:08 -j DROP

iptables -D INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)