2025-01-19 Update From: SLTechnology News&Howtos > Development
Shulou(Shulou.com)06/02 Report--
This article explains how to analyze the Linux system security firewall iptables. The content is concise and easy to understand; I hope the detailed introduction below helps you get something out of it.
IPTABLES is an IP packet filtering system integrated with the latest version 3.5 Linux kernel. If a Linux system connects to the Internet or a LAN, or acts as a server or a proxy server that connects a LAN to the Internet, iptables makes it easier to control IP packet filtering and firewall configuration on that system. The following is a detailed explanation of the Linux system security firewall iptables.
Iptables is used to set, maintain, and examine the IP packet filtering rules of the Linux kernel. As a firewall under Linux it is very powerful. It has three tables, and each table holds its own rule chains.
(1) filter is the default table. It includes the built-in chains INPUT (processes incoming packets), FORWARD (processes packets passing through the host), and OUTPUT (processes locally generated packets).
(2) The nat table is consulted when a packet that creates a new connection is encountered. It consists of three built-in chains: PREROUTING (modifies incoming packets before routing), OUTPUT (modifies locally generated packets before routing), and POSTROUTING (modifies packets that are about to leave).
(3) The mangle table is used to modify specified packets. It has two built-in chains: PREROUTING (incoming packets before routing) and OUTPUT (locally generated packets before routing). The following is a brief introduction to the common configuration of iptables.
1. View iptables rules
To view the current iptables policy, use the iptables -L command; by default it shows the contents of the filter table, as follows:
root@linuxprobe:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
f2b-sshd   tcp  --  anywhere             anywhere             multiport dports ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain f2b-sshd (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
2. Set chain policy
For the filter table, the default chain policy is ACCEPT. You can modify the policy of a chain with the following commands:
root@linuxprobe:~# iptables -P INPUT DROP
root@linuxprobe:~# iptables -P FORWARD DROP
root@linuxprobe:~# iptables -P OUTPUT DROP
With the above configuration, received, forwarded and sent packets are all discarded, which implements relatively strict packet management. Since both receiving and sending are set to be discarded, when you configure further rules you need to add them for INPUT and for OUTPUT separately. Of course, if you trust the packets this machine sends out, the third rule above does not need to be configured.
3. Emptying existing rules
You can empty the existing rules with the following command:
root@linuxprobe:~# iptables -F
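As an added example (not part of the original article), here is a small POSIX shell script that builds a default-DROP filter ruleset for sections 2 and 3 in iptables-restore format instead of issuing iptables -P and -A one command at a time. Two things are worth checking before setting DROP policies: a DROP policy on INPUT without a rule that accepts ESTABLISHED,RELATED traffic cuts off the replies to every connection the host opens (including the SSH session you are typing in), and iptables -F removes rules but not chain policies, so flushing a chain whose policy is already DROP leaves it blocking everything. iptables-restore applies the whole file at once, so the allow rules and the DROP policies land together. The port numbers passed to the function are sample values.

```shell
#!/bin/sh
# Added example: emit a stateful default-DROP ruleset for iptables-restore.
# Usage: baseline_ruleset 22 80 443   (TCP ports to accept for NEW connections)
# Ports given on the command line are sample values, not taken from the article.

baseline_ruleset() {
    printf '%s\n' '*filter'
    # Chain policies: drop whatever no rule accepts. OUTPUT stays ACCEPT, as the
    # article allows; an OUTPUT DROP policy would need its own
    # ESTABLISHED,RELATED rule or every reply sent by this host would be dropped.
    printf '%s\n' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]'
    # Loopback first: many local services talk to themselves over 127.0.0.1.
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    # Replies to connections this host started, plus related traffic (FTP data,
    # ICMP errors). Without this line an INPUT DROP policy blocks every reply.
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate INVALID -j DROP'
    # One rule per service port, matching only new connections.
    for port in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# Parse the generated ruleset without loading it (iptables-restore --test),
# so a typo is caught before any policy changes. Needs root and iptables.
check_ruleset() {
    baseline_ruleset "$@" | iptables-restore --test
}

# Load the ruleset only when explicitly asked (APPLY=1 ./script 22 80);
# otherwise just print a sample so it can be reviewed.
if [ "${APPLY:-0}" = 1 ]; then
    baseline_ruleset "$@" | iptables-restore
else
    baseline_ruleset 22 80
fi
```

Run the script as is to review the ruleset, pipe it through check_ruleset to have iptables parse it, and set APPLY=1 only once the SSH port you are connected on appears in the port list.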
4. Network port forwarding rules
For a server used as a firewall or gateway, one network port is connected to the public network, and packets from the other network ports are forwarded to that port so that the private network can communicate with the public network. If eth0 is connected to the private network and eth2 is connected to the public network, the configuration rule is as follows:
root@linuxprobe:~# iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT
5. Port forwarding rules
The following command forwards packets arriving on port 888 to port 22, so SSH connections can also be made through port 888:
root@linuxprobe:~# iptables -t nat -A PREROUTING -p tcp -d 192.168.1.1 --dport 888 -j DNAT --to-destination 192.168.1.1:22
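As an added example, not code from the article, the following shell function produces the nat and filter rules for sections 4 and 5 together in iptables-restore format. Two details the single commands leave out: forwarding between eth0 and eth2 only happens once net.ipv4.ip_forward is enabled, and because the PREROUTING DNAT rewrites the destination port before the filter table sees the packet, the INPUT chain must accept port 22, not 888, or the redirected SSH connections are dropped by a DROP policy from section 2. The interface names and the address 192.168.1.1 are the article's; the MASQUERADE rule and the conntrack rule for the return direction are assumptions about a typical gateway and are not in the article.

```shell
#!/bin/sh
# Added example: gateway ruleset combining the FORWARD rule (section 4) and
# the DNAT port redirection (section 5) in iptables-restore format.
# Usage: gateway_ruleset LAN_IF WAN_IF HOST EXT_PORT INT_PORT

gateway_ruleset() {
    lan=$1 wan=$2 host=$3 ext=$4 int=$5
    printf '%s\n' '*nat'
    printf '%s\n' ':PREROUTING ACCEPT [0:0]' ':POSTROUTING ACCEPT [0:0]'
    # Section 5: rewrite HOST:EXT_PORT to HOST:INT_PORT before routing.
    printf '%s\n' "-A PREROUTING -p tcp -d $host --dport $ext -j DNAT --to-destination $host:$int"
    # Assumed gateway setup (not in the article): hide private LAN addresses
    # behind the public interface so replies can find their way back.
    printf '%s\n' "-A POSTROUTING -o $wan -j MASQUERADE"
    printf '%s\n' 'COMMIT'
    printf '%s\n' '*filter'
    printf '%s\n' ':FORWARD DROP [0:0]'
    # Section 4: let the private network reach the public one ...
    printf '%s\n' "-A FORWARD -i $lan -o $wan -j ACCEPT"
    # ... and let only replies to those connections come back in (assumption).
    printf '%s\n' "-A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # The filter table sees the packet after DNAT, so INPUT must accept the
    # internal port (22), not the external one (888).
    printf '%s\n' "-A INPUT -p tcp --dport $int -m conntrack --ctstate NEW -j ACCEPT"
    printf '%s\n' 'COMMIT'
}

# Forwarding is off by default; until it is on, FORWARD never sees a packet.
enable_forwarding() {
    sysctl -w net.ipv4.ip_forward=1
}

# Print the ruleset; to load it (as root) pipe it into iptables-restore:
#   gateway_ruleset eth0 eth2 192.168.1.1 888 22 | iptables-restore -n
# -n (--noflush) keeps the rules already in the tables instead of flushing
# them first, so an existing INPUT baseline survives.
gateway_ruleset eth0 eth2 192.168.1.1 888 22
```

Because the filter rules are appended, loading the file twice with -n duplicates them; flush the chain or load without -n when replacing the whole table.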
6. DoS attack prevention
With the extension module limit, you can also configure iptables rules to help prevent DoS attacks, as shown below:
root@linuxprobe:~# iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
--limit 25/minute means that at most 25 packets per minute are matched on average.
--limit-burst 100 means that the first 100 packets match immediately; only after that burst is used up does the 25/minute limit apply.
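To make the two numbers concrete, here is an added shell script (a constructed model, not code from the article or from the netfilter project) that simulates the token bucket behind -m limit for the rule above: the bucket starts full with --limit-burst (100) tokens, each matching packet spends one, and --limit (25 per minute) refills it. Two caveats for the rule as written: it matches every TCP packet to port 80, not only new connections, so add --syn if connection attempts are what you want to limit; and a limit match that jumps to ACCEPT only throttles anything if a later rule or the chain policy drops the excess, for example the INPUT DROP policy from section 2 or an explicit -A INPUT -p tcp --dport 80 -j DROP placed after it.

```shell
#!/bin/sh
# Added example: token-bucket model of
#   iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
# This is a constructed simulation, not the kernel's xt_limit code.
LIMIT_PER_MIN=25      # --limit 25/minute
BURST=100             # --limit-burst 100

# limit_sim "N@T N@T ..." : N packets arriving at second T (T non-decreasing).
# Prints how many of them the limit rule matches (and so reach ACCEPT).
# Tokens are scaled by 60 so that the per-second refill stays an integer.
limit_sim() {
    cap=$(( BURST * 60 ))
    tokens=$cap            # the bucket starts full: the burst is available at once
    last=0
    matched=0
    for spec in $1; do
        n=${spec%@*}
        t=${spec#*@}
        # refill: 25 tokens per minute is 25 scaled units per second
        tokens=$(( tokens + (t - last) * LIMIT_PER_MIN ))
        if [ "$tokens" -gt "$cap" ]; then tokens=$cap; fi
        last=$t
        i=0
        while [ "$i" -lt "$n" ]; do
            if [ "$tokens" -ge 60 ]; then
                tokens=$(( tokens - 60 ))    # one packet costs one token
                matched=$(( matched + 1 ))
            fi
            i=$(( i + 1 ))
        done
    done
    echo "$matched"
}

# arrivals COUNT STEP START : COUNT single packets, STEP seconds apart, from START.
arrivals() {
    i=0
    while [ "$i" -lt "$1" ]; do
        printf '1@%s ' $(( $3 + i * $2 ))
        i=$(( i + 1 ))
    done
}

# 150 packets in the same second: the first 100 (the burst) match, 50 do not.
echo "150 at t=0:              $(limit_sim '150@0') matched"
# A minute later the bucket has refilled 25 tokens, so 25 of the next 30 match.
echo "150 at t=0, 30 at t=60:  $(limit_sim '150@0 30@60') matched"
# Bucket drained, then one packet per second for a minute: 25 more get through.
echo "100 at t=0, then 1/s:    $(limit_sim "100@0 $(arrivals 60 1 1)") matched"
# Bucket drained, then one packet every 3 s (20/minute, under the limit): all match.
echo "100 at t=0, then 1 per 3 s: $(limit_sim "100@0 $(arrivals 20 3 3)") matched"
```

The third and fourth cases show the steady state: once the burst is spent, traffic below 25 packets per minute passes untouched, while a flood is cut to roughly 25 packets per minute regardless of its intensity.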
What is the Linux system? Linux is a free-to-use and freely distributed UNIX-like operating system. It is a POSIX-based multi-user, multi-task, multi-threaded and multi-CPU operating system; using Linux you can run the major Unix tools, applications and network protocols.
The above content is how to analyze the Linux system security firewall iptables. Have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge, you are welcome to follow the industry information channel.