
Working with iptables


Iptables is an application that allows a network administrator to create rules for the kernel-level firewall. It is also a packet filtering mechanism. Iptables is written purely in C and is used with IPv4.

The iptables executable can be found at /sbin/iptables (type "which iptables" in the terminal to see the result). Iptables requires root access: the user must be logged in as root to view, append, delete or change existing rules.

The Linux kernel contains the built-in ability to filter packets, allowing some of them into the system while stopping others. Most Linux kernels come with the following tables:

1) nat: This is the default table for handling network packets.

2) filter: This table is used to alter packets that create a new connection.

3) mangle: This table is used for specific types of packet alteration.

Each of these tables in turn has a group of built-in chains. They are:

  1. INPUT — This chain applies to packets received via a network interface.
  2. OUTPUT — This chain applies to packets sent out via the same network interface which received the packets.
  3. FORWARD — This chain applies to packets received on one network interface and sent out on another.

Every chain has a default policy to ACCEPT, DROP, REJECT, or QUEUE the packet to be passed to user-space. If none of the rules in the chain apply to the packet, then the packet is dealt with in accordance with the default policy.
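Because unmatched packets fall through to the chain's default policy, that policy is worth auditing. The script below is an added example, not part of the original post: it reads text in the format printed by `iptables -S` and reports each chain's policy. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit default chain policies from `iptables -S` output.

# Constructed sample in `iptables -S` format (not taken from a real host).
sample_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

# Read `iptables -S` text on stdin and print one line per chain with a policy:
#   <chain> <policy> <rule-count> <verdict>
# A chain whose policy is ACCEPT passes every packet that no rule matches,
# so it is reported as "open"; any other policy is "default-deny".
audit_policies() {
  awk '
    $1 == "-P" { policy[$2] = $3; order[++n] = $2 }
    $1 == "-A" { rules[$2]++ }
    END {
      for (i = 1; i <= n; i++) {
        c = order[i]
        verdict = (policy[c] == "ACCEPT") ? "open" : "default-deny"
        printf "%s %s %d %s\n", c, policy[c], rules[c] + 0, verdict
      }
    }'
}

# Succeeds only when neither INPUT nor FORWARD falls through to ACCEPT.
inbound_default_deny() {
  ! audit_policies | grep -Eq '^(INPUT|FORWARD) .* open$'
}

# Demo on the constructed sample: INPUT has three ACCEPT rules, but its
# ACCEPT policy still admits everything those rules do not match.
sample_rules | audit_policies
```

On a live system, run as root, the same functions can be fed with `iptables -S | audit_policies`.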

The iptables command allows you to configure these rule lists, as well as set up new tables to be used for your particular situation.

  1. September 27, 2010 at 5:10 pm
