To configure IPTABLES in Linux

Source: Internet
Author: User

If you are not yet familiar with the basics of IPTABLES in Linux, we recommend that you read up on them first. Here we configure a firewall using the filter table.

(1) View the IPTABLES settings on the local machine

[root@tp ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (0 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

As you can see, when I installed Linux I chose to enable the firewall and opened ports 22, 80, and 25. If you do not choose to enable the firewall when installing Linux, the output looks like this:

[root@tp ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

There are no rules at all.

(2) Clear the original rules

Whether or not you enabled the firewall when installing Linux, if you want to configure your own firewall, first clear all the existing filter rules.

[root@tp ~]# iptables -F

This clears the rules of all chains in the default filter table.

[root@tp ~]# iptables -X

This clears the user-defined chains in the default filter table.

Let's take a look:

[root@tp ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Nothing is left. This is the same as when we did not enable the firewall while installing Linux. (Note in advance: like IP addresses configured with commands, these settings are lost after a restart.) To save them:

[root@tp ~]# /etc/rc.d/init.d/iptables save

This writes the rules to the /etc/sysconfig/iptables file. After writing, remember to restart the firewall for the change to take effect.

[root@tp ~]# service iptables restart

The IPTABLES configuration table now contains no rules at all. Let's start our configuration.

(3) Set the default rules

[root@tp ~]# iptables -P INPUT DROP
[root@tp ~]# iptables -P OUTPUT ACCEPT
[root@tp ~]# iptables -P FORWARD DROP
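
The listings from steps (1) to (3) can be checked mechanically. The following is an added example, not part of the original article: it reads iptables -L -n output on stdin and flags an INPUT chain that filters nothing, a user-defined chain with 0 references, and the state right after step (3), where INPUT is DROP with no ACCEPT rule yet. The names audit_listing and audit_sample and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): summarise `iptables -L -n`
# output read from stdin. audit_listing / audit_sample are hypothetical names.
audit_listing() {
  awk '
    # Print the summary and any warnings for the chain just finished.
    function flush_chain() {
      if (chain == "") return
      printf "%s %s rules=%d\n", chain, info, rules
      if (refs == 0 && rules > 0)
        printf "WARN %s: %d rule(s) but 0 references, never evaluated\n", chain, rules
      if (chain == "INPUT" && info == "policy=ACCEPT" && rules == 0)
        print "WARN INPUT: policy ACCEPT and no rules, nothing is filtered"
      if (chain == "INPUT" && info == "policy=DROP" && accepts == 0)
        print "WARN INPUT: policy DROP and no ACCEPT rule, all inbound traffic (SSH included) is dropped"
    }
    # Header line: "Chain NAME (policy X)" or "Chain NAME (N references)".
    $1 == "Chain" {
      flush_chain()
      chain = $2; rules = 0; accepts = 0; refs = -1
      if ($3 == "(policy") { info = "policy=" $4; sub(/\)$/, "", info) }
      else { refs = substr($3, 2) + 0; info = "references=" refs }
      next
    }
    $1 == "target" || NF == 0 { next }        # column header or blank line
    { rules++; if ($1 == "ACCEPT") accepts++ } # every other line is a rule
    END { flush_chain() }
  '
}

# Constructed sample: the policies set in step (3), plus an unreferenced
# user-defined chain added only to exercise that check.
SAMPLE='Chain INPUT (policy DROP)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (0 references)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22'

audit_sample() { printf '%s\n' "$SAMPLE" | audit_listing; }
audit_sample
```

On a live host, run it as iptables -L -n | audit_listing from a root shell.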
