Iptables is a command-line utility for configuring the Linux kernel firewall. The term iptables is also commonly used to refer to the kernel firewall itself. The firewall can be configured directly with the iptables command, or through one of the many existing console and graphical front ends.
THE MOST COMMON IPTABLES RULES ARE:
BLOCK A PORT: In this example, UDP port 111 is blocked
iptables -A INPUT -p udp -m udp --dport 111 -j DROP
ALLOW AN IP: In this example all requests from IP 127.0.0.1 are accepted
iptables -I INPUT -s 127.0.0.1/32 -j ACCEPT
OPEN A PORT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
ALLOW AN IP RANGE: There are two ways to do this. The first is the iprange match, used when you want to allow an arbitrary range of addresses (such as 162.168.10.20 to 162.168.10.80). The second is to allow a whole network segment by appending /24 to the address; keep in mind that /24 allows a range of 254 hosts.
iptables -A INPUT -i eth1 -m iprange --src-range 162.168.10.20-162.168.10.80 -j ACCEPT
iptables -A INPUT -i eth1 -s 10.50.0.0/24 -j ACCEPT
BLOCK ALL PORTS EXCEPT 80,443,22,25
iptables -A INPUT -p tcp -m tcp -m multiport ! --dports 80,443,22,25 -j DROP
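The negated multiport DROP above also matches replies to connections the host itself opened, because their destination is an ephemeral local port, so it is normally loaded after a loopback rule and an ESTABLISHED,RELATED rule. The script below is an added example, not part of the original page: the function names valid_ports and emit_ruleset, the file name rules.v4, and the loopback and conntrack rules are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print an iptables-restore file for the
# "block all TCP ports except ..." rule. Nothing is applied to the host.

# valid_ports CSV: succeed only for 1-15 comma-separated ports in 1-65535
# (15 is the most ports a single multiport match accepts).
valid_ports() {
    case $1 in ''|*[!0-9,]*|,*|*,|*,,*) return 1 ;; esac
    count=0 bad=0
    old_ifs=$IFS; IFS=,
    for p in $1; do
        count=$((count + 1))
        case $p in 0*|??????*) bad=1 ;; esac   # leading zero or too long
        if [ "$bad" -eq 0 ] && [ "$p" -gt 65535 ]; then bad=1; fi
    done
    IFS=$old_ifs
    [ "$bad" -eq 0 ] && [ "$count" -le 15 ]
}

# emit_ruleset CSV: rules are checked top to bottom and the first match
# wins, so the ACCEPT rules must come before the negated DROP.
# The INPUT policy stays ACCEPT, as on the page: only TCP is filtered.
emit_ruleset() {
    valid_ports "$1" || { echo "invalid port list: $1" >&2; return 1; }
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m multiport ! --dports $1 -j DROP
COMMIT
EOF
}

# rules.v4 is a hypothetical file name:
#   emit_ruleset 80,443,22,25 > rules.v4
#   iptables-restore --test rules.v4    # parse only, no commit
emit_ruleset 80,443,22,25
```

Loading the file with iptables-restore replaces the filter table in one step, so the DROP rule is never active without the ACCEPT rules in front of it.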