Difference between revisions of "Iptables"
From neil.tappsville.com
Line 34: | Line 34: | ||
List Rules in the format used to add them | List Rules in the format used to add them | ||
− | iptables -L | + | iptables -L --line-numbers |
Add a rule above an existing | Add a rule above an existing | ||
iptables -I INPUT [number] <rest of -L syntax> | iptables -I INPUT [number] <rest of -L syntax> |
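Review bot: The changed line still sits under the label "List Rules in the format used to add them", but iptables -L (with or without --line-numbers) prints a table view, not add syntax; the listing in add format is iptables -S, which the page files under plain "List Rules". Suggest relabelling this entry as listing rules with their rule numbers, since that number is what -I INPUT [number] takes, and changing "<rest of -L syntax>" in the context line to refer to the rule specification as -S prints it.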
Latest revision as of 04:43, 12 July 2021
iptables
Tables
Main tables are Filter, NAT, Mangle
- Filter - default
- NAT
- Mangle - change IP Headers
Chains
Traversal Order: Pre --> Input --> Forward --> Output
- Prerouting - Incoming packet
- Input - Entering network stack
- Forward - Routed through system
- Output - Originated on system and leaving system
- Post Routing - Packet going on the wire
Incoming packets destined for the local system: Prerouting --> Input
Incoming packets destined to another host: Prerouting --> Forward --> Postrouting
Locally generated packets: Output --> Postrouting
Rules
Commands to manipulate network traffic.
Each rule in the chain is queried in order - if the packet does not match, the next rule is examined.
Each rule has a matching component and a Target component (action)
List Rules
iptables -S
List Rules in the format used to add them
iptables -L --line-numbers
Add a rule above an existing one
iptables -I INPUT [number] <rest of -L syntax>
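Because rules are checked in order, an ACCEPT appended after a catch-all REJECT is never reached, so it has to be inserted above it. The following is an added example, not part of the original page: it reads `iptables -S` output, finds the rule number of the first matching rule (the same number `iptables -L --line-numbers` shows) and prints the `-I` command to insert above it. The function names and the sample ruleset are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; the ruleset is constructed.

# Constructed sample of `iptables -S INPUT` output (not from a real host).
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

# rule_number CHAIN PATTERN
# Reads `iptables -S` output on stdin and prints the 1-based number of the
# first "-A CHAIN" rule containing PATTERN. The "-P" policy line is not a
# rule and is not counted. Exit status 1 if nothing matches.
rule_number() {
    awk -v chain="$1" -v pat="$2" '
        $1 == "-A" && $2 == chain {
            n++
            if (index($0, pat)) { print n; found = 1; exit }
        }
        END { exit found ? 0 : 1 }'
}

# insert_cmd CHAIN PATTERN RULE_SPEC...
# Prints (does not run) the command that puts RULE_SPEC directly above the
# first rule matching PATTERN. `-I CHAIN n` inserts at position n, pushing
# the rule that was at n down to n+1.
insert_cmd() {
    chain=$1; pat=$2; shift 2
    n=$(rule_number "$chain" "$pat") || {
        echo "no rule matching '$pat' in chain $chain" >&2
        return 1
    }
    echo "iptables -I $chain $n $*"
}

# Demo: allow HTTPS above the final REJECT in the constructed ruleset.
sample_rules | insert_cmd INPUT '-j REJECT' -p tcp --dport 443 -j ACCEPT
```

On a live system the input would come from `iptables -S INPUT` instead of `sample_rules`; review the printed command before running it as root.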