CDOT Wiki β

Changes

IPTables

1,174 bytes added, 23:21, 27 July 2010
no edit summary
=== INPUT Chain ===
<pre>
                       dest.
src.                   -------------------
---------              |                  routing                     localhost     Local process
|F12Host|>-wire--->eth0|Fedora2|->eth0 -> decision --> INPUT chain -->filtering --> or application
---------              |                  is made \    of rules
                       -------------------          \
                                                      some routed elsewhere
                                                      or sent to FORWARD chain
</pre>
=== OUTPUT Chain ===
<pre>
src.
----------------------                                                             dest.
|            Local process     routing                    localhost                ---------
|Fedora2 --> or application -> decision-> OUTPUT chain -->filtering-> eth0-> wire->|F12Host|
|                              is made    of rules                    interface    ---------
----------------------
</pre>
== Sample Scripts from our Lab Material ==
<pre>
 # iptables -F                  # flushes the rules from the table
 # iptables -L                  # lists the rules running in memory
 # iptables -P INPUT DROP       # creates a policy to DROP packets inbound
 # iptables -A OUTPUT -j LOG    # logs outgoing traffic to /var/log/messages
 # iptables -I OUTPUT 1 -p tcp -s 0/0 -d 0/0 --dport 80 -j DROP   # drop outbound web
                                                                  # requests and inserts
                                                                  # at line 1 in the chain
 # iptables -I INPUT 3 -p tcp -s 192.168.235.0/24 -d f12host --dport ssh -j DROP
</pre>
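The chain diagrams and sample commands above depend on rule order, so the following added example (not part of the lab material and not iptables code) models one built-in chain in Python: rules are checked top to bottom, the first ACCEPT or DROP match ends the walk, LOG does not, and the policy applies when nothing matches. The class name, the packet dictionaries and the addresses are constructed for illustration, and matching is limited to protocol, source network and destination port.

```python
# Simplified model of one built-in chain (added example, not iptables code).
import ipaddress


class Chain:
    def __init__(self, policy="ACCEPT"):
        self.policy, self.rules, self.log = policy, [], []

    def flush(self):                  # iptables -F: rules are removed, policy stays
        self.rules.clear()

    def append(self, **rule):         # iptables -A CHAIN ...
        self.rules.append(rule)

    def insert(self, num, **rule):    # iptables -I CHAIN num ... (1-based line)
        if not 1 <= num <= len(self.rules) + 1:
            raise IndexError("Index of insertion too big")
        self.rules.insert(num - 1, rule)

    def decide(self, pkt):
        for line, r in enumerate(self.rules, 1):
            net = r.get("src")
            if net and ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(net):
                continue
            if any(k in r and r[k] != pkt[k] for k in ("proto", "dport")):
                continue
            if r["target"] == "LOG":  # non-terminating: record the hit, keep walking
                self.log.append(line)
                continue
            return r["target"]        # first ACCEPT/DROP match wins
        return self.policy            # end of chain reached: the policy decides


def demo():
    inp = Chain(policy="DROP")                            # -P INPUT DROP
    inp.append(proto="tcp", dport=22, target="ACCEPT")    # line 1: allow ssh
    ssh = {"proto": "tcp", "src": "192.168.235.7", "dport": 22}  # constructed packets
    web = {"proto": "tcp", "src": "192.168.235.7", "dport": 80}
    before = (inp.decide(ssh), inp.decide(web))
    drop = dict(proto="tcp", src="192.168.235.0/24", dport=22, target="DROP")
    try:
        inp.insert(3, **drop)         # only one rule exists, so line 3 is invalid
        too_big = False
    except IndexError:
        too_big = True
    inp.insert(1, **drop)             # the DROP now sits above the ACCEPT
    return before, too_big, inp.decide(ssh)
```

In this model, inserting at line 3 fails while the chain holds fewer than two rules, and a DROP inserted at line 1 takes effect before any rule below it, including a LOG rule.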