{"id":40550,"date":"2020-09-28T09:01:50","date_gmt":"2020-09-28T14:01:50","guid":{"rendered":"https:\/\/webirix.com\/?p=40550"},"modified":"2020-09-28T09:01:50","modified_gmt":"2020-09-28T14:01:50","slug":"iptables-que-debes-conocer","status":"publish","type":"post","link":"https:\/\/webirix.com\/en\/iptables-que-debes-conocer\/","title":{"rendered":"IPTABLES that you should know."},"content":{"rendered":"
\n
\n

Iptables is a command line utility for configuring the Linux kernel firewall. The term iptables is also commonly used to refer to such a kernel firewall. Can be configured directly with iptables, or using one of the many existing console and graphics frontend<\/p>\n

THE MOST COMMON IPTABLES ARE:<\/p>\n

BLOCK A PORT: In this example, port 111 is blocked<\/p>\n

  iptables -A INPUT -p udp -m tcp \u2013dport -j DROP\r\n<\/pre>\n
ALLOW AN IP In this example all requests from ip 127.0.0.1 are accepted<\/p>\n
  iptables -I INPUT -s 127.0.0.1\/30 -j ACCEPT\r\n<\/pre>\n
OPEN A PORT<\/p>\n
  iptables -A INPUT -p tcp \u2013dport 22 -j ACCEPT\r\n<\/pre>\n
ALLOW AN IP RANGE in this option there are two ways to do it, the first is only if you want to allow an IP range (such as 162.168.10.20 to 192.168.10.80), the second is by segments placing \/ 24 in this option, take into account that \/ 24 allows a range of 254 hosts.<\/p>\n
  iptables -A INPUT -i eth1 -m iprange \u2013src-range 162.168.10.20-80 -j ACCEPT\r\n<\/pre>\n
  iptables -A INPUT -i eth1 -s 10.50.0.0\/16 -j ACCEPT\r\n<\/pre>\n
BLOCK ALL PORTS EXCEPT 80,443,22,25<\/p>\n
  iptables -A INPUT -p tcp -m tcp -m multiport! \u2013Dports 80,443,22,25 -j DROP<\/pre>\n<\/div>\n<\/div>\n