Detailed Linux iptables common firewall rules

  • 2021-06-28 14:48:53
  • OfStack

iptables is the IP packet filtering system built into the Linux kernel through the netfilter framework (present since kernel 2.4). Whether the Linux system is a workstation connected to the Internet or a LAN, a server, or a proxy or gateway sitting between a LAN and the Internet, iptables gives you fine-grained control over which IP packets the host accepts, forwards and sends.

When the firewall makes a packet-filtering decision it consults an ordered list of rules, stored in packet-filter tables inside the Linux kernel. Within each table the rules are grouped into what we call chains, and the first rule that matches a packet decides its fate, so the order in which rules are added matters. The netfilter/iptables system is the tool for adding, editing and removing those rules.

Although netfilter/iptables is usually referred to as a single thing, it actually consists of two components, netfilter and iptables.
The netfilter component, also called the kernel-space part, is built into the kernel and holds the packet-filter tables whose rule sets the kernel applies to every packet it processes.

The iptables component is the user-space tool used to insert, modify and delete rules in those tables. Every mainstream distribution ships it today (the old advice that only Red Hat Linux 7.1 and later include it dates from the early 2.4-kernel era); on recent distributions the iptables command is often a compatibility front end to nftables, but it accepts the same syntax shown here.

The common rules, in the order they should be added (each -A appends to the end of the chain, and the first matching rule wins), are as follows:


iptables -A INPUT -i lo -j ACCEPT
# Allow the loopback interface (processes on this host talking to this host). Matching on the interface covers all of 127.0.0.0/8, not only 127.0.0.1

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow replies to connections this host opened, plus related flows such as FTP data channels (on current iptables use -m conntrack --ctstate instead of -m state)

iptables -A OUTPUT -j ACCEPT
# Allow all outbound traffic from this host

iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Allow SSH on port 22. This must be added before the catch-all REJECT below, or you lock yourself out of a remote host

iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# Allow HTTP on port 80

iptables -A INPUT -p tcp --dport 21 -j ACCEPT
# Allow the FTP control connection on port 21

iptables -A INPUT -p tcp --dport 20 -j ACCEPT
# Port 20 is the source port of active-mode FTP data connections, which the server opens itself, so this inbound rule is rarely needed; passive-mode data connections use random high ports and are only accepted as RELATED when the nf_conntrack_ftp helper is loaded

iptables -A INPUT -j REJECT
# Reject everything not accepted by a rule above (target names are case-sensitive: "reject" in lower case is a syntax error)

iptables -A FORWARD -j REJECT
# Refuse to forward packets on behalf of other hosts; this host is not a router
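The same rule set as one reviewable script, added here as an example and not part of the original article. It emits the rules in iptables-restore format so they are loaded atomically (re-running it never appends duplicates the way repeated iptables -A does), uses DROP default policies as a safety net under the final REJECT, binds the FTP conntrack helper explicitly because kernels since 4.7 no longer assign helpers automatically, rate-limits new SSH connections per source, and checks before loading that the SSH rule precedes the catch-all. The port numbers, the hashlimit values and the --apply flag are assumptions for the example; adjust them to the host.

```shell
#!/bin/sh
# Added example (not the article's own commands). Assumed values: SSH on 22,
# HTTP on 80, FTP on 21 with the nf_conntrack_ftp helper handling data channels.
SSH_PORT="${SSH_PORT:-22}"
HTTP_PORT="${HTTP_PORT:-80}"
FTP_PORT="${FTP_PORT:-21}"

# Print the complete rule set in iptables-restore format. Lines starting
# with '#' are comments to iptables-restore as well, so they can stay in.
build_rules() {
    cat <<EOF
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# bind the FTP helper to the control port; passive data connections then show
# up as RELATED instead of needing a hole for random high ports
-A PREROUTING -p tcp --dport ${FTP_PORT} -j CT --helper ftp
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback by interface, so every address in 127.0.0.0/8 matches
-A INPUT -i lo -j ACCEPT
# replies to connections this host opened, plus helper-tracked related flows
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# packets conntrack cannot place in any connection (stray ACKs, bad sequence numbers)
-A INPUT -m conntrack --ctstate INVALID -j DROP
# SSH, at most 4 new connections per source address per minute (assumed limit)
-A INPUT -p tcp --dport ${SSH_PORT} -m conntrack --ctstate NEW -m hashlimit --hashlimit-name ssh --hashlimit-mode srcip --hashlimit-upto 4/min --hashlimit-burst 4 -j ACCEPT
-A INPUT -p tcp --dport ${HTTP_PORT} -m conntrack --ctstate NEW -j ACCEPT
# FTP control channel only; the data channels are accepted as RELATED above
-A INPUT -p tcp --dport ${FTP_PORT} -m conntrack --ctstate NEW -j ACCEPT
# log a sample of what is about to be refused, then refuse it
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-reject: "
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# Line number of the first rule matching a pattern, empty if none.
rule_line() {
    build_rules | grep -n -- "$1" | head -n 1 | cut -d: -f1
}

# The ACCEPT for SSH must precede the catch-all REJECT, or a remote
# administrator is locked out the moment the set is loaded.
ssh_before_reject() {
    ssh_line=$(rule_line "dport ${SSH_PORT} -")
    reject_line=$(rule_line '^-A INPUT -j REJECT')
    [ -n "$ssh_line" ] && [ -n "$reject_line" ] && [ "$ssh_line" -lt "$reject_line" ]
}

# The catch-all must be the last INPUT rule; any ACCEPT after it is dead.
reject_is_last_input_rule() {
    last=$(build_rules | grep -n -- '^-A INPUT' | tail -n 1 | cut -d: -f1)
    [ -n "$last" ] && [ "$last" -eq "$(rule_line '^-A INPUT -j REJECT')" ]
}

# Load atomically. iptables-restore replaces the tables in one step, so the
# host is never left with a half-applied set. Persisting across reboots is
# distribution-specific (iptables-save into the file your distro restores at boot).
apply_rules() {
    if [ "$(id -u)" -ne 0 ]; then
        echo "apply_rules: must run as root" >&2
        return 1
    fi
    modprobe nf_conntrack_ftp
    build_rules | iptables-restore
}

case "${1:-}" in
    --apply) ssh_before_reject && reject_is_last_input_rule && apply_rules ;;
    *)       build_rules ;;   # default: print the set for review
esac
```

Run it without arguments to print the rule set for review and diff it against `iptables-save` output; run it with `--apply` as root to load it. The hashlimit match keeps a per-source counter, so a single brute-forcing client is throttled without affecting other sources.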

summary

The above are the common Linux iptables firewall rules introduced by this site. Two things to remember when using them: the rules live only in kernel memory until you save them (iptables-save, with your distribution's persistence package restoring them at boot), and re-running the commands appends a second copy of each rule, so flush the chain first (iptables -F) or load the whole set with iptables-restore. If you have any questions, please leave a message and this site will reply to you in time.
