iptables is the user-space tool that configures the Linux kernel's netfilter framework. Its filter table acts as the host firewall; the nat and mangle tables rewrite addresses, ports and other header fields as packets pass through the kernel.

A table in iptables is a collection of chains for a particular networking function (filtering, address translation, packet alteration); each chain is an ordered list of rules.

  • Filter Table (Firewall)
    • Input Chain
    • Output Chain
    • Forward Chain
  • NAT Table
    • Output Chain
    • Prerouting Chain
    • Postrouting Chain
  • Mangle Table
    • Input Chain
    • Output Chain
    • Forward Chain
    • Prerouting Chain
    • Postrouting Chain

Chains are the points in the packet path at which rules are evaluated: PREROUTING as a packet arrives, INPUT for packets addressed to this host, FORWARD for packets routed through it, OUTPUT for packets this host generates and POSTROUTING just before a packet leaves. A packet traverses a chain's rules top to bottom; the first rule whose match fits decides its fate (ACCEPT, DROP, ...), and the chain's default policy applies only if no rule matched.

  • iptables -L
    • List rules (add -n to skip DNS lookups and -v for packet and byte counters).
  • iptables -L --line-numbers
    • List rules numbered, so they can be referenced by position.
  • iptables -D INPUT 3
    • Delete rule number 3 from the INPUT chain (the number comes from --line-numbers).
  • iptables -F
    • Flush all rules from every chain of the filter table. Default policies are not touched, so flushing while a policy is DROP drops everything.
  • iptables --policy INPUT ACCEPT
    • Set the default policy of INPUT to accept packets no rule matched.
  • iptables --policy INPUT DROP
    • Set the default policy of INPUT to drop packets no rule matched.
  • iptables -I INPUT -s 1.1.1.1 -j ACCEPT
    • Insert rule at the top of INPUT (position 1 unless a position is given).
    • The rule allows all traffic from the IP.
  • iptables -A INPUT -s 1.1.1.0/24 -j DROP
    • Append rule to the end of INPUT.
    • The rule drops all traffic from the network. Rules match top to bottom, so the earlier ACCEPT for 1.1.1.1 still wins even though that host is inside the dropped network.
  • iptables -I INPUT -p tcp --dport 80 -j DROP
    • Block incoming connections to TCP port 80.
  • iptables -I OUTPUT -p tcp --dport 443 -j DROP
    • Drop outgoing packets to TCP destination port 443.

CREATE PERSISTENCE

Rules added with iptables live only in kernel memory and are gone after a reboot. iptables-save prints the running ruleset to standard output and persists nothing by itself, so redirect it to a file and have that file loaded with iptables-restore at boot:

sudo /sbin/iptables-save > /etc/iptables/rules.v4

On Debian and Ubuntu the iptables-persistent package restores /etc/iptables/rules.v4 (and rules.v6 for ip6tables) automatically at boot; other distributions ship their own save/restore service. Verify the loaded ruleset with iptables -L -n -v before closing the session that applied it.
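The commands above are the building blocks; what the cheat sheet does not show is the order they must be applied in so that a remote administrator is not locked out, and how saving fits at the end. The script below is an added example, not part of the original page: it assembles a baseline INPUT ruleset (loopback, established connections, SSH from a management network, logged drop) and then saves it. The management network 10.0.0.0/24, SSH port 22 and the rules file /etc/iptables/rules.v4 are placeholders assumed here, not values from the page; by default it only prints the commands it would run.

```shell
#!/bin/sh
# Baseline host firewall assembled from the cheat-sheet commands above.
# Added example, not from the original page. Assumptions (not stated on
# the page): the management network 10.0.0.0/24, SSH on port 22, and the
# rules file /etc/iptables/rules.v4 (read at boot by iptables-persistent
# on Debian/Ubuntu) are placeholders; change them for your host.
#
# DRY_RUN=1 (the default) prints each command instead of executing it, so
# the plan can be reviewed before it touches a live ruleset.
DRY_RUN="${DRY_RUN:-1}"
MGMT_NET="${MGMT_NET:-10.0.0.0/24}"
SSH_PORT="${SSH_PORT:-22}"
RULES_FILE="${RULES_FILE:-/etc/iptables/rules.v4}"

run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

apply_firewall() {
    # Order matters twice over: rules are matched top to bottom, and the
    # default policy only applies to packets no rule matched. Set INPUT to
    # ACCEPT before flushing so an existing DROP policy cannot cut off the
    # SSH session this script is being run from.
    run iptables -P INPUT ACCEPT
    run iptables -F INPUT

    # Loopback traffic (local DNS caches, databases, agents) is never filtered.
    run iptables -A INPUT -i lo -j ACCEPT

    # Replies to connections this host opened, plus RELATED traffic such as
    # ICMP errors, are accepted by connection state rather than by port.
    run iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Packets conntrack cannot attribute to any connection are dropped early.
    run iptables -A INPUT -m conntrack --ctstate INVALID -j DROP

    # New SSH connections, and only from the management network.
    run iptables -A INPUT -p tcp --dport "$SSH_PORT" -s "$MGMT_NET" \
        -m conntrack --ctstate NEW -j ACCEPT

    # Log (rate-limited) what is about to hit the DROP policy, so lockouts
    # and probes show up in the kernel log.
    run iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: "

    # Default policies last, now that the allow rules are in place. This
    # host does not route, so FORWARD is DROP as well.
    run iptables -P INPUT DROP
    run iptables -P FORWARD DROP
    run iptables -P OUTPUT ACCEPT
}

# Allow one more host on every port. -I puts the rule at position 1 so it is
# evaluated before any DROP rule already in the chain; -A would land after them.
allow_host() {
    run iptables -I INPUT 1 -s "$1" -j ACCEPT
}

persist_rules() {
    # iptables-save only prints the running ruleset; by itself it persists
    # nothing. Redirect it to the file the boot-time restore job reads
    # (iptables-restore < "$RULES_FILE" reloads it by hand).
    if [ "$DRY_RUN" = 1 ]; then
        printf 'iptables-save > %s\n' "$RULES_FILE"
    else
        iptables-save > "$RULES_FILE"
    fi
}

# Running the file prints the plan; DRY_RUN=0 as root applies and saves it.
apply_firewall
persist_rules
```

Run it once with the default DRY_RUN=1 and read the output top to bottom; then `sudo DRY_RUN=0 sh firewall.sh` from a session originating in the management network. Keep that session open and confirm with `iptables -L -n -v --line-numbers` that the ESTABLISHED,RELATED and SSH rules sit above the LOG rule before logging out.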