iptables Overview
iptables features advanced logging, pre- and post-routing actions, network address translation, and port forwarding, all in one command-line interface.
Using iptables
The first step in using iptables is to start the iptables service.
This can be done with the command:
The ip6tables service should be turned off in order to use iptables:
chkconfig ip6tables off
To make iptables start by default whenever the system is booted, you must change runlevel status on the service using chkconfig.
The syntax of iptables is separated into tiers. The main tier is the chain. A chain specifies the state at which a packet is manipulated. The usage is as follows:
The -A option appends a rule at the end of an existing ruleset.
The chain is the name of the chain for a rule.
The three built-in chains of iptables (that is, the chains that affect every packet which traverses a network) are INPUT, OUTPUT, and FORWARD.
The -j target option specifies where in the iptables ruleset a packet that matches this rule should jump. Some built-in targets are ACCEPT, DROP, and REJECT.
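The following added example, which is not from the original page, builds rules from the -A, chain, and -j target parts described above and prints them instead of applying them. The function names emit_rule and baseline_input, the APPLY variable, and the interface and port choices are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Dry run by default: commands are
# printed, not executed. Set APPLY=1 and run as root to load the rules.

# emit_rule CHAIN TARGET [MATCH...]
# Builds "iptables -A CHAIN [MATCH...] -j TARGET", accepting only the built-in
# chains and targets named in the text above.
emit_rule() {
    [ "$#" -ge 2 ] || { echo "usage: emit_rule CHAIN TARGET [MATCH...]" >&2; return 1; }
    chain=$1
    target=$2
    shift 2
    case $chain in
        INPUT|OUTPUT|FORWARD) ;;
        *) echo "not a built-in chain: $chain" >&2; return 1 ;;
    esac
    case $target in
        ACCEPT|DROP|REJECT) ;;
        *) echo "not a built-in target: $target" >&2; return 1 ;;
    esac
    if [ "${APPLY:-0}" = 1 ]; then
        iptables -A "$chain" "$@" -j "$target"
    else
        echo "iptables -A $chain${*:+ $*} -j $target"
    fi
}

# baseline_input: a constructed INPUT policy. Rules are checked top to bottom
# and -A always appends, so the catch-all DROP has to be emitted last; anything
# appended after it would never be reached.
baseline_input() {
    emit_rule INPUT ACCEPT -i lo &&
    emit_rule INPUT ACCEPT -m state --state ESTABLISHED,RELATED &&
    emit_rule INPUT ACCEPT -p tcp --dport 22 &&
    emit_rule INPUT REJECT -p tcp --dport 23 &&
    emit_rule INPUT DROP
}

baseline_input
```

Because -A appends to whatever is already in the chain, review the existing rules before running this with APPLY=1 so that the new ACCEPT rules do not land below an earlier DROP.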