Iptables provides packet filtering, network address translation (NAT) and other packet mangling.
Two of the most common uses of iptables are to provide firewall support and NAT.
List all the rules in effect (by default, none):
# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
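One way to check a host for the default state listed above, as an added example that is not part of the original wiki page: the function open_chains (a hypothetical name) reads iptables --list output on stdin and prints every chain whose policy is ACCEPT and which holds no rules. The sample listing inside it is constructed for illustration.

```shell
#!/bin/sh
# Added example: flag chains that still accept everything.
# Typical use on a real host (as root):  iptables --list | open_chains

# Print the name of each chain with policy ACCEPT and zero rules.
open_chains() {
    awk '
        function report() {
            if (name != "" && policy == "ACCEPT" && rules == 0)
                print name
        }
        /^Chain / {
            report()                  # finish the previous chain
            name = $2
            policy = $4               # "ACCEPT)" or "ACCEPT" with -v
            sub(/\)$/, "", policy)
            rules = 0
            next
        }
        /^target +prot/ { next }      # column header, not a rule
        NF > 0 { rules++ }            # any other non-blank line is a rule
        END { report() }
    '
}

# Constructed sample: INPUT is filtered, FORWARD is wide open,
# OUTPUT has policy ACCEPT but carries one rule.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
EOF
}

sample_listing | open_chains
```

A chain with policy ACCEPT that does carry rules is not reported, so the check only catches the untouched default, not a permissive ruleset.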
Configuring iptables manually is challenging for the uninitiated. Fortunately, there are many configuration tools (wizards) available to assist: e.g., fwbuilder, bastille, ferm.
Manual configuration: Configure iptables so that it starts with your system
# update-rc.d iptables defaults
Save the firewall rules to be used when your firewall is inactive (e.g. a set of empty rules)
# /etc/init.d/iptables save_inactive
After you're done, save the rules you created using
# /etc/init.d/iptables save_active
More to come... this is just a start since I noticed there wasn't much info on iptables.
Resources:
- Gentle Introductions/Overviews
Iptables Basics: http://www.justlinux.com/nhf/Security/IPtables_Basics.html
Securing Debian: Adding firewall capabilities: http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html#s-firewall-setup
- More Detailed Reference
iptables-tutorial: http://iptables-tutorial.frozentux.net/
Packet Filter HOWTO: http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html