IPtables in Linux – Easy way


What is IPtable in Linux?

Iptables is the built-in Linux firewall. It holds a set of conditions, known as Rules, that decide which traffic is allowed on a machine. Iptables handles incoming and outgoing traffic and filters it according to the rules you specify. Iptables contains multiple Chains; a Chain is a set of rules in a table.

Data travels over the network in the form of packets. IPtables in Linux is a command-line (CLI) tool for managing the firewall rules that decide what happens to those packets on a Linux machine. IPtables contains several tables, each with its own purpose, to filter the packets.

Types Of Tables in IPtables in Linux

  1. Filter Table – The Filter table is the main table and the default one: if no table is specified, iptables uses the Filter table.
  2. NAT Table – The NAT (Network Address Translation) table holds the address translation rules.
  3. Mangle Table – The Mangle table is used to modify the IP header.
  4. Raw Table – The Raw table works with connection tracking. It provides a mechanism for marking packets so that they are viewed as part of an ongoing connection or session.
  5. Security Table – The Security table is used for Mandatory Access Control (MAC).

Rules And Target In IPtables in Linux

Rules define what should be done with a packet when the packet matches the conditions of that rule.

When a packet matches a rule, the rule specifies a Target. A Target is a special value or action that is applied to the packet or to the IP address.

Targets in IPtables

  • ACCEPT
  • DROP
  • RETURN
  • QUEUE

Chains And Its Type

Chains are basically a set of similar types of rules. These are like points in the route of a packet where you can apply rules.

  • INPUT: We use the INPUT chain to control packets coming in to the server.
  • FORWARD: We use the FORWARD chain for incoming packets that are not delivered locally but routed on to another host.
  • OUTPUT: We use the OUTPUT chain for packets that originate from our system and are going out.
  • PREROUTING: We use this chain to modify packets as they arrive, before the routing decision.
  • POSTROUTING: We use this chain to modify packets as they are leaving, after the routing decision.

The following diagram shows the tables and the chains each table contains.

[Diagram: tables and chains of IPtables in Linux]

Traversal Order In Iptables

An incoming packet destined for the local system.

Prerouting -> Input

A packet forwarded to another host.

Prerouting -> Forward -> PostRouting

Locally generated packets.

Output-> Prerouting

Commands To Install and View Iptables

1. Command to install Iptables:

sudo apt-get update
sudo apt-get install iptables

2. Command to view the filter table:

sudo iptables -L

The output will look like this:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
          
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
DOCKER-USER  all  --  anywhere             anywhere            
DOCKER-ISOLATION-STAGE-1  all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
DOCKER     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere                           

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination    

3. Commands to view the other tables:

sudo iptables -t nat -L
sudo iptables -t security -L
sudo iptables -t mangle -L
sudo iptables -t raw -L

Commands To Add Rules in IPtables

1. Command to block a website.

In the command below we block `www.iitb.ac.in`, the IIT Bombay website.

sudo iptables -A INPUT -s www.iitb.ac.in -j DROP

2. Command to block a particular website by its IP address

sudo iptables -I INPUT -s 192.168.0.102 -j DROP

3. Command to block the loopback address.

The loopback address is your localhost, IP 127.0.0.1.

sudo iptables -A INPUT -i lo -j DROP
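As an added example (not the post's own code), the script below assembles the kinds of rules shown above into a small default-deny ruleset for the INPUT chain, in the order they must be applied. The SSH port, the blocked address and the `IPTABLES=echo` dry-run switch are assumptions for illustration. Two caveats the single commands above hide: `-s www.iitb.ac.in` is resolved to IP addresses at the moment the rule is added (possibly several, and the rule does not follow later DNS changes), and dropping everything on `lo` breaks local services that talk over 127.0.0.1, so the script accepts loopback traffic instead.

```shell
#!/bin/sh
# Added example: a minimal default-deny INPUT ruleset built from the kinds of
# rules shown in the post. Not the post's own code. SSH_PORT, BLOCKED_HOST and
# the IPTABLES override are assumptions for illustration.
# Set IPTABLES=echo to print the commands instead of applying them
# (applying the real rules needs root).
IPTABLES="${IPTABLES:-iptables}"
SSH_PORT="${SSH_PORT:-22}"                       # assumed management port to keep reachable
BLOCKED_HOST="${BLOCKED_HOST:-192.168.0.102}"    # address used in the post's block example

# Print the rule commands, one per line, in the order they must be applied.
# -A appends, so order is significant: loopback and ESTABLISHED traffic is
# accepted before anything is dropped, and the DROP policy is set last so an
# existing admin session is never cut off while the chain is being rebuilt.
# Only INPUT is touched; locally generated replies traverse OUTPUT (and then
# POSTROUTING) and stay at policy ACCEPT.
firewall_rules() {
    cat <<EOF
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A INPUT -m conntrack --ctstate INVALID -j DROP
$IPTABLES -A INPUT -s $BLOCKED_HOST -j DROP
$IPTABLES -A INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -j ACCEPT
$IPTABLES -P INPUT DROP
EOF
}

# Execute each command and stop at the first failure, so a half-applied chain
# is reported instead of silently ending up with a DROP policy and no accepts.
# The loop runs in a pipeline subshell; "exit 1" ends that subshell, which
# makes apply_rules return non-zero.
apply_rules() {
    firewall_rules | while IFS= read -r cmd; do
        $cmd || { echo "failed: $cmd" >&2; exit 1; }
    done
}

# With the argument "apply" the rules are installed; with no argument the
# script only prints them for review.
if [ "${1:-}" = "apply" ]; then apply_rules; else firewall_rules; fi
```

Run the script without arguments (or with `IPTABLES=echo`) to review the generated commands, and with `apply` as root to install them. Setting the policy to ACCEPT before the flush and to DROP only after the loopback, ESTABLISHED and SSH rules are in place is what keeps an existing SSH session alive while the chain is rebuilt.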

Commands To Remove Rules from IPtables

1. Command to remove a particular rule from a chain by its line number.

sudo iptables -D <chain name> <linenumber>

2. Command to remove all the rules in a particular chain.

sudo iptables -F <chain name>

3. Command to remove all the rules in the table (-F is short for --flush).

sudo iptables -F
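As an added example (not the post's own code), deleting by line number has a trap worth handling in a script. The numbers come from `sudo iptables -L INPUT --line-numbers`, and once `iptables -D INPUT 2` succeeds the old rule 3 becomes rule 2, so deleting several numbers in ascending order removes the wrong rules. The helper below validates the numbers, deletes from the highest number down, and also shows deletion by rule specification, which avoids numbers entirely. The `IPTABLES=echo` dry-run switch is an assumption for illustration; the address is the one from the post's blocking example.

```shell
#!/bin/sh
# Added example (not from the post): remove several rules from a chain by
# line number without the renumbering trap, plus deletion by rule spec.
# Set IPTABLES=echo to print the commands instead of running them
# (running the real commands needs root).
IPTABLES="${IPTABLES:-iptables}"

# Show a chain with its rule numbers. -n skips reverse DNS lookups, so the
# listing shows raw addresses and does not stall on unresolvable hosts.
show_numbered() {
    $IPTABLES -L "$1" -n --line-numbers
}

# Usage: delete_rules CHAIN NUM [NUM...]
# Rejects anything that is not a plain number, then issues one -D per
# distinct number, highest first, so earlier deletions cannot shift the
# numbers of rules still to be deleted.
delete_rules() {
    chain=$1
    shift
    for n in "$@"; do
        case $n in
            ''|*[!0-9]*) echo "delete_rules: '$n' is not a rule number" >&2; return 1 ;;
        esac
    done
    for n in $(printf '%s\n' "$@" | sort -rn -u); do
        $IPTABLES -D "$chain" "$n" || return 1
    done
}

# Deleting by rule specification needs no line numbers: the spec must match
# the rule exactly as it was added (here the post's example address).
delete_by_spec() {
    $IPTABLES -D INPUT -s 192.168.0.102 -j DROP
}

# When run directly with arguments: CHAIN NUM [NUM...]
if [ $# -ge 2 ]; then
    delete_rules "$@"
fi
```

With `IPTABLES=echo`, `delete_rules INPUT 2 5 3` prints `-D INPUT 5`, `-D INPUT 3`, `-D INPUT 2` in that order, which is the order that leaves the remaining rules where you expect them.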

Conclusion of IPtables in Linux

To learn more about iptables, visit https://help.ubuntu.com/community/IptablesHowTo

For more informative blogs, check out our blog site https://blog.knoldus.com/category/devops/


Written by 

Kirti is a Software Intern at Knoldus Software. She is always charged up for new things and learnings. She is dedicated to her work and believes in quality output.