Hinson's blog

𝕰𝖝𝖈𝖊𝖑𝖑𝖊𝖓𝖈𝖊 𝖎𝖓 𝖈𝖑𝖔𝖚𝖉 𝖆𝖗𝖈𝖍𝖎𝖙𝖊𝖈𝖙𝖚𝖗𝖊 𝖆𝖓𝖉 𝖘𝖊𝖈𝖚𝖗𝖎𝖙𝖞 𝖉𝖔𝖒𝖆𝖎𝖓𝖘 𝖎𝖘 𝖙𝖍𝖊 𝖊𝖙𝖊𝖗𝖓𝖆𝖑 𝖕𝖚𝖗𝖘𝖚𝖎𝖙 𝖔𝖋 𝖒𝖞 𝖕𝖗𝖔𝖋𝖊𝖘𝖘𝖎𝖔𝖓𝖆𝖑 𝖌𝖗𝖔𝖜𝖙𝖍

Iptables Service Usage


iptables-services is a CentOS package that provides the traditional iptables service for managing IPv4 firewall rules. The service configures and manages firewall rules through the iptables tool, a user-space utility that lets a system administrator configure the IP packet filter rules of the Linux kernel firewall.

Key Features of iptables-services

Service Management:

  • iptables-services allows you to start, stop, and manage the iptables service using standard service management commands.

Persistent Rules:

  • It provides mechanisms to save and restore firewall rules across reboots. The rules are typically saved in /etc/sysconfig/iptables for IPv4 and /etc/sysconfig/ip6tables for IPv6.

Compatibility:

  • iptables-services is compatible with legacy iptables configurations and scripts, making it suitable for administrators familiar with traditional iptables syntax and methods.

Configuring iptables Rules

Edit the iptables Configuration File:

  • The main configuration file for IPv4 rules is /etc/sysconfig/iptables. You can edit this file to add, modify, or remove firewall rules.

A sample configuration might look like this:

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Save the Configuration:

After editing the configuration file, you need to save the changes and restart the iptables service to apply them.

sudo systemctl restart iptables

Saving iptables Rules:

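  • To save the current iptables rules so that they are preserved across reboots, use the following command. It writes the rules currently loaded in the kernel to /etc/sysconfig/iptables, so if you have hand-edited that file, restart the service first; otherwise the save overwrites your edits.

sudo service iptables save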

Example iptables Rules

Here are some common iptables rules you might configure:

# Allowing SSH Traffic
-A INPUT -p tcp --dport 22 -j ACCEPT

# Allowing HTTP and HTTPS Traffic
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

# Allowing ICMP (Ping) Traffic
-A INPUT -p icmp -j ACCEPT

# Dropping All Other Incoming Traffic
-A INPUT -j DROP
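
Rule order decides whether a rule added to /etc/sysconfig/iptables ever matches: anything placed after a catch-all REJECT or DROP in the same chain is dead. The lint below is an added example, not part of the original post; the names lint_rules and sample_rules and the sample file contents are constructed for illustration, and it assumes SSH is on tcp/22.

```shell
#!/bin/sh
# Added example: pre-restart lint for a rules file in iptables-save format.
# Heuristic, not a full parser: assumes SSH is tcp/22 written as "--dport 22".

lint_rules() {   # $1 = rules file; prints findings, returns 1 if there are any
    awk '
    NF == 0 || $1 ~ /^#/ { next }            # skip blank lines and comments
    $1 == "COMMIT" { committed = 1; next }
    $1 == "-A" {
        chain = $2
        if (closed[chain]) {                 # sits after a catch-all: never matches
            printf "UNREACHABLE line %d: %s\n", NR, $0
            bad++
        }
        # "-A CHAIN -j TARGET" with no match options applies to every packet
        catchall = ($3 == "-j" && (NF == 4 || $5 == "--reject-with"))
        if (catchall && ($4 == "REJECT" || $4 == "DROP")) closed[chain] = 1
        if (chain == "INPUT" && !closed[chain] &&
            $0 ~ /--dport 22 / && $0 ~ /-j ACCEPT/) ssh = 1
    }
    END {
        if (!ssh)       { print "NO-SSH: no reachable INPUT rule accepts tcp/22"; bad++ }
        if (!committed) { print "NO-COMMIT: table has no COMMIT line"; bad++ }
        exit (bad > 0)
    }' "$1"
}

# Constructed sample: a cut-down version of the sample config with an HTTP rule
# added before ("good") or after ("bad") the catch-all REJECT.
sample_rules() {
    http='-A INPUT -p tcp --dport 80 -j ACCEPT'
    before=; after=
    if [ "$1" = good ]; then before=$http; else after=$http; fi
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
$before
-A INPUT -j REJECT --reject-with icmp-host-prohibited
$after
COMMIT
EOF
}

# Demo: the "bad" ordering is flagged, so the restart should be skipped.
tmp=$(mktemp)
sample_rules bad > "$tmp"
lint_rules "$tmp" || echo "fix the file before: sudo systemctl restart iptables"
rm -f "$tmp"
```

Run it against the edited file before `sudo systemctl restart iptables`; as root, `iptables-restore --test < /etc/sysconfig/iptables` additionally confirms that the file parses.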

