Differences between revisions 5 and 6
Revision 5 as of 2004-04-29 13:54:42
Size: 1592
Editor: anonymous
Comment:
Revision 6 as of 2004-04-29 18:34:40
Size: 1687
Editor: anonymous
Comment:
Line 27: Line 27:
Configure iptables so that it starts with your system{{{
 # update-rc.d iptables defaults
}}}
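Review bot: the added sentence runs straight into the `{{{` opener with no colon or line break, so the instruction and the command block read as one fused line; end the sentence with a colon and start `{{{` on its own line. The step also enables the init script at boot without saying which saved rule set it will load, so a pointer to the `save_active` step further down the page would help.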

Iptables provides packet filtering, network address translation (NAT) and other packet mangling.

Two of the most common uses of iptables are to provide firewall support and NAT.

List all the rules in effect (by default, none):

 # iptables --list

 Chain INPUT (policy ACCEPT)
 target     prot opt source               destination

 Chain FORWARD (policy ACCEPT)
 target     prot opt source               destination

 Chain OUTPUT (policy ACCEPT)
 target     prot opt source               destination
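
A listing like this one means every chain accepts all traffic. As an added example (not part of the original wiki page), the shell function below reads `iptables --list` output and names each chain that has policy ACCEPT and no rules; the function name `open_chains` and the second, filtered listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: report chains that are wide open in `iptables --list` output.

# open_chains reads a listing on stdin and prints each chain whose policy is
# ACCEPT and which holds no rules (the state shown in the listing above).
open_chains() {
    awk '
        function report() {
            if (chain != "" && policy == "ACCEPT" && rules == 0) print chain
        }
        $1 == "Chain" {
            report()
            chain = $2; rules = 0; policy = ""
            # Built-in chains show "(policy X)"; with -v, counters follow X.
            if ($3 == "(policy") { policy = $4; sub(/\)$/, "", policy) }
            next
        }
        $1 == "target" || $1 == "pkts" { next }  # column header (plain or -v)
        NF > 0 && chain != "" { rules++ }        # any other non-blank line is a rule
        END { report() }
    '
}

# Listing as shown on this page: no rules loaded.
DEFAULT_LISTING='Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination'

# Constructed sample: default-deny on INPUT and FORWARD, one stateful rule.
FILTERED_LISTING='Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination'

echo "default listing:";  printf '%s\n' "$DEFAULT_LISTING"  | open_chains
echo "filtered listing:"; printf '%s\n' "$FILTERED_LISTING" | open_chains
```

On a live system, pipe the real listing in as root with `iptables --list | open_chains`. An OUTPUT chain left at ACCEPT is a common choice, so treat that line as something to confirm, not necessarily a fault.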


Configuring iptables manually is challenging for the uninitiated. Fortunately, there are many configuration tools (wizards) available to assist: e.g., fwbuilder, bastille, ferm.

Manual configuration: configure iptables so that it starts with your system:

 # update-rc.d iptables defaults

Save the firewall rules to be used when your firewall is inactive (e.g. a set of empty rules):

 # /etc/init.d/iptables save_inactive

After you're done, save the rules you created using:

 # /etc/init.d/iptables save_active

More to come... this is just a start since I noticed there wasn't much info on iptables.


Resources: