@mauriballes
Created May 23, 2020 17:55
IP Tables Tricks

Configuring iptables

Listing the tables

  • Command: sudo iptables -L -v
  • Additional notes:
* INPUT = From the outside world (Internet) to us
* OUTPUT = From us to the outside world (Internet)
* FORWARD = From our local network to another private network

Adding INPUT, OUTPUT rules

  • Accept everything that arrives on the loopback interface: sudo iptables -A INPUT -i lo -j ACCEPT
  • Use conntrack to accept packets that belong to established or related connections to the server: sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
  • Allow traffic on port 22: sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
  • Drop all other incoming packets to the server: sudo iptables -A INPUT -j DROP
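
iptables walks a chain from top to bottom and stops at the first matching rule, so the DROP rule above must come after the port 22 ACCEPT. The following added example (not part of the original gist) checks `iptables -S` output for that ordering; the function name `check_input_order` and both sample rulesets are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit INPUT rule order in `iptables -S` output.
# check_input_order and the sample rulesets are constructed for illustration.
# Live use (assumption: run as root): sudo iptables -S | check_input_order 22

# Reads `iptables -S` text on stdin; $1 is the TCP port that must stay reachable.
# Prints: ok      - ACCEPT for the port precedes the catch-all DROP
#         lockout - traffic is dropped before (or without) that ACCEPT
#         open    - no catch-all DROP and the INPUT policy is not DROP
check_input_order() {
    awk -v port="$1" '
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A" && $2 == "INPUT" {
            n++
            if ($0 == "-A INPUT -j DROP" && !drop) { drop = n }
            if (!acc && /-p tcp/ && /-j ACCEPT$/ && $0 ~ ("--dport " port " ")) { acc = n }
        }
        END {
            if (!drop && policy != "DROP") print "open"
            else if (acc && (!drop || acc < drop)) print "ok"
            else print "lockout"
        }'
}

# Constructed sample: the four rules in the order listed above.
sample_good() { cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
EOF
}

# Constructed sample: same rules, but DROP was appended before the port 22 rule.
sample_bad() { cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

echo "good order: $(sample_good | check_input_order 22)"
echo "bad order:  $(sample_bad | check_input_order 22)"
```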

Saving rules (iptables-persistent)

sudo apt-get install iptables-persistent

# Try
sudo /etc/init.d/iptables-persistent save 
sudo /etc/init.d/iptables-persistent reload 

# If that fails, use this instead
sudo netfilter-persistent save
sudo netfilter-persistent reload

Deleting rules

# Find the rules
sudo iptables -S

# Paste the rule line without its leading -A
sudo iptables -D <LINE>