IPTables: Difference between revisions

← Older edit

IPTables (view source)

Revision as of 16:48, 18 November 2020

1,521 bytes added , 3 years ago

→‎Basic Usage

Amanjosan2008

Bureaucrats, Administrators

4,400

edits

Revision as of 16:50, 26 July 2018 (view source) Amanjosan2008 (talk \| contribs) No edit summary ← Older edit		Latest revision as of 16:48, 18 November 2020 (view source) Amanjosan2008 (talk \| contribs) (→‎Basic Usage)
(12 intermediate revisions by the same user not shown)
Line 8: = IPTables = == Adding Rules == List rules▼ iptables -L▼ Allow SSH Line 23 ⟶ 22: Allow loopback iptables -I INPUT 1 -i lo -j ACCEPT == Reporting == ▲List rules ▲ iptables -L iptables -L --line-numbers Logging iptables -I INPUT 5 -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7 Check Stats Saving rules▼ iptables -~~save~~nvL iptables-restore▼ Reset Packet Counts and Aggregate Size: ▲ iptables -~~restore~~Z == Deleting Rules == Delete a Rule iptables -D INPUT -p tcp --dport 80 -j ACCEPT iptables -D INPUT -i ens160 -s 10.140.198.7 -j DROP Delete by Rule Number iptables -D INPUT 3 # Chain name = INPUT Flush Chain iptables --flush MYCHAIN Flush Iptables ~~Stop iptables~~ iptables -F Delete Empty Chain iptables -X MYCHAIN == Saving Rules == ▲~~Saving~~Export rules iptables-save > /etc/iptables.conf Restore them on every reboot sudo nano /etc/rc.local iptables-restore < /etc/iptables.conf = UFW = == Basic Usage == Installation sudo apt-get install ufw Line 46 ⟶ 79: To add firewall rules: sudo ufw deny 5353/udp▼ sudo ufw deny 5900/tcp▼ sudo ufw deny 22 sudo ufw deny 25/tcp ▲ sudo ufw deny 5353/udp sudo ufw deny 135,139,445/tcp sudo ufw deny 137,138/udp sudo ufw deny from 192.168.1.5 to any # Block specific IP address sudo ufw deny 110▼ sudo ufw deny from 202.54.1.5 to any port 80 # Block specific IP and port number i.e Block Spammers sudo ufw deny 2049▼ sudo ufw deny proto tcp from 202.54.1.1 to any port 22 # Deny specific IP, port number, and protocol sudo ufw deny 143▼ sudo ufw deny ~~21/~~proto tcp from 202.54.1.0/24 to any port 22 # Block Subnet Add a Rule to the Top of the List: Re-check your changes:▼ sudo ufw insert 1 deny from 202.54.1.0/24 comment 'Block DoS attack subnet' Delete Specific Rules: sudo ufw status numbered sudo ufw delete 4 ▲~~Re-check~~Confirm your changes: sudo ufw status verbose sudo ufw status numbered sudo ufw show added sudo ufw show listening sudo ufw show builtins sudo ufw show before-rules sudo ufw show user-rules sudo ufw show after-rules sudo ufw show logging-rules Manage Application Traffic: ▲ sudo ufw ~~deny~~app ~~2049~~list sudo ufw app info Samba sudo ufw allow from 192.168.1.0/24 to any app Samba Rate Limiting: ▲ sudo ufw ~~deny~~limit ~~5900~~53/~~tcp~~udp sudo iptables -L \| grep domain Check Stats: ▲ sudo ufw ~~deny~~show ~~110~~raw Re-check enable (required): sudo ufw enable Reset UFW: ▲ sudo ufw ~~deny 143~~reset == Receive the UDP multicast traffic ==