Linux - How ip tables works, IPTABLES-Linux-Firewalls
How ip tables works
Use Of Iptables?
Filtering packets based on a MAC address and the values of the flags in the TCP header. This is helpful in preventing attacks using malformed packets and in restricting access from locally attached servers to other networks in spite of their IP addresses.
Firewall also keeps track of each connection passing through it and in certaincases will view the contents of data flows in an attempt to anticipate the next action of certain protocols. This is an important feature in the support of active FTP and DNS, as well as many other network services.
How IP Tables works?
All packets inspected by iptables pass through a sequence of built-in tables (queues) for processing. Each of these queues is dedicated to a particular type of packet activity and is controlled by an associated packet transformation/filtering chain.
There are three tables in total. The first is the mangle table which is responsible for the alteration of quality of service bits in the TCP header. This is hardly used in a home or SOHO environment.
The second table is the filter queue which is responsible for packet filtering. It has three built-in chains in which you can place your firewall policy rules.
a) INPUT Table b) OUTPUT Table c) FORWARD Table
General Syntax of the iptables is as follows:
IPTABLES -A {INPUT,OUTPUT,FORWARD} -p {tcp,udp} --sport(dport) -s {ip} -j {DROP,REJECT,ACCEPT}
To Block the incomming ip:
IPTABLES -A OUTPUT -p tcp --sport{1..65535} -s {ipaddress} -j DROP {REJECT}
To Block the outcomming ip:
IPTABLES -A INPUT -p tcp --sport{1..65535} -s {ipaddress} -j DROP {REJECT}
You can also use --dport instead of --sport & you can use -d instead of -s which specifies source or destination respectively.
The topic on Linux - How ip tables works is posted by - Math
Hope you have enjoyed, Linux - How ip tables worksThanks for your time