Jump to content

Linux/iptables: Difference between revisions

From Wiki
← Older editNewer edit →
VisualWikitext
Marcluer (talk | contribs)
CooleKarte, HOT2013, JustinTime, Bureaucrats, Administrators
4,553 edits
Marcluer (talk | contribs)
CooleKarte, HOT2013, JustinTime, Bureaucrats, Administrators
4,553 edits
Line 55: Line 55:
<pre>
<pre>
iptables
iptables
         -A (append - add rule at end)
         -A (append - add rule at end)            -i (input interface)          -j (target)
         -C (check)
         -C (check)                                -o (output interface)
         -D (delete - remove rule)
         -D (delete - remove rule)                 -s (source address)   
         -F (flush - remove all rules)
         -F (flush - remove all rules)            -d (destination address)
         -I (insert - add at position)
         -I (insert - add at position)            
         -L (list - show all rules in chain)
         -L (list - show all rules in chain)      -p      (protocol (tcp/udp))
         -N (new chain)
         -N (new chain)                            --dport (port)
         -X (delete chain)
         -X (delete chain)


         -i (input interface)
         -t (table to manipulate (default: filter)
        -o (output interface)
        -s (source address)
        -d (destination address)


        -j (target)
        -t (table to manipulate (default: filter)
         -n (numeric output of addresses and ports)
         -n (numeric output of addresses and ports)
</pre>
</pre>

Revision as of 17:57, 4 December 2023

Tables Chains
FILTER
  • INPUT
  • OUTPUT
  • FORWARD
NAT
  • PREROUTING
  • OUTPUT
  • POSTROUTING
MANGLE

(modify ip headers)

  • PREROUTING
  • POSTROUTING
  • OUTPUT
  • INPUT
  • FORWARD
RAW

(connection tracking)

  • PREROUTING
  • OUTPUT
SECURITY
Targets
REJECT
DROP
ACCEPT
RETURN
MASQUERADE

Basics

iptables
         -A (append - add rule at end)             -i (input interface)          -j (target)
         -C (check)                                -o (output interface)
         -D (delete - remove rule)                 -s (source address)    
         -F (flush - remove all rules)             -d (destination address)
         -I (insert - add at position)              
         -L (list - show all rules in chain)       -p      (protocol (tcp/udp))
         -N (new chain)                            --dport (port)
         -X (delete chain)

         -t (table to manipulate (default: filter)

         -n (numeric output of addresses and ports)

View state

iptables -L

raspi wifi to ethernet

  • rc.local
    • iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
    • iptables --append FORWARD --in-interface eth0 -j ACCEPT
Retrieved from "https://wiki.marcluerssen.de/index.php?title=Linux/iptables&oldid=3873"