{"id":39023,"date":"2018-12-06T19:03:36","date_gmt":"2018-12-07T01:03:36","guid":{"rendered":"https:\/\/webirix.com\/?p=39023"},"modified":"2018-12-06T20:11:40","modified_gmt":"2018-12-07T02:11:40","slug":"creacion-de-iptables","status":"publish","type":"post","link":"https:\/\/webirix.com\/en\/creacion-de-iptables\/","title":{"rendered":"Creating iptables"},"content":{"rendered":"

\u200biptables<\/i>\u00a0es una utilidad de l\u00ednea de \u00f3rdenes para configurar el\u00a0cortafuegos\u00a0del kernel de Linux,\u00a0El t\u00e9rmino\u00a0iptables<\/i>\u00a0tambi\u00e9n se usa com\u00fanmente para referirse a dicho cortafuegos del kernel. Puede configurarse directamente con iptables, o usando uno de los muchos frontend existentes de\u00a0consola\u00a0y\u00a0gr\u00e1ficos.<\/p>\n

 <\/p>\n

Las iptables mas comunes son:<\/h3>\n

 <\/p>\n

Bloquear un puerto:<\/h4>\n

en este ejemplo se bloquea el puerto 111<\/p>\n

iptables -A INPUT -p udp -m tcp –dport\u00a0 -j DROP<\/p>\n

 <\/p>\n

permitir una ip<\/h4>\n

en este ejemplo se aceptan todas las peticiones de la ip 127.0.0.1<\/p>\n

iptables -I INPUT -s 127.0.0.1\/30 -j ACCEPT<\/p>\n

 <\/p>\n

permitir una ip por un puerto especifico<\/h4>\n

iptables -I INPUT 1 -p tcp –dport 9200 -s 192.168.1.180 -j ACCEPT<\/p>\n

 <\/p>\n

abrir un puerto<\/h4>\n

iptables -A INPUT -p tcp –dport 22 -j ACCEPT<\/p>\n

 <\/p>\n

permitir un rango de ip<\/h4>\n

en esta opcion hay dos formas de hacerlo, la primera es solo si deseas permitir un rango de ip\u00a0(como los de 162.168.10.20 hasta la ip 192.168.10.80), la segunda es por segmentos colocando \/24 en esta opcion hay que tomar en cuenta que \/24 permite un rango de 254 host.<\/p>\n

iptables<\/span>\u00a0-A INPUT -i eth1 -m iprange –src-range\u00a0162.168.10.20-80<\/span>\u00a0-j ACCEPT<\/p>\n

iptables -A INPUT -i eth1 -s 10.50.0.0\/16 -j ACCEPT<\/p>\n

 <\/p>\n

 <\/p>\n

bloquear todos los puertos excepto<\/h4>\n

iptables -A INPUT -p tcp -m tcp -m multiport ! –dports 80,443,22,25 -j DROP<\/p>\n

 <\/p>","protected":false},"excerpt":{"rendered":"

Iptables is a command line utility for configuring the Linux kernel firewall. The term iptables is also commonly used to refer to the kernel firewall. It can be configured directly with iptables, or using one of the many existing console and graphics frontend. The most common iptables are: Block a port: in this example the port is blocked ...<\/p>","protected":false},"author":27,"featured_media":39027,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-39023","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry"],"jetpack_featured_media_url":"https:\/\/webirix.com\/wp-content\/uploads\/2018\/12\/images.png","_links":{"self":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/39023","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/comments?post=39023"}],"version-history":[{"count":5,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/39023\/revisions"}],"predecessor-version":[{"id":39029,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/39023\/revisions\/39029"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/media\/39027"}],"wp:attachment":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/media?parent=39023"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/categories?post=39023"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/tags?post=39023"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}