Live as if you were to die tomorrow. Learn as if you were to live forever.

Friday 9 October 2015

iptables in Linux


  • iptables is implemented at the lowest level of the kernel, in the packet-filtering framework called netfilter.
  • iptables does not operate at the application layer.
  • iptables helps to block some types of DDoS attacks.
  • iptables is nothing but a collection of tables, which are further divided into chains.
  There are three types of tables in iptables:
  1. filter table
  2. nat table
  3. mangle table
 Syntax

[root@server Desktop]# iptables -t <table_name> <command> <chain> <match_options> -j <target>

 1) Filter Table

The filter table is mainly used for packet filtering.

There are 3 types of chains in the filter table:
(i) INPUT chain
(ii) OUTPUT chain
(iii) FORWARD chain
 
2) NAT Table

This table is consulted only when a packet that creates a new connection is encountered. It is responsible for NAT (Network Address Translation).

There are 3 types of chains in the nat table:
(i) PREROUTING chain
(ii) POSTROUTING chain
(iii) OUTPUT chain

3) MANGLE Table

This table is used for specialized packet alteration.

There are 5 chains in the mangle table:
(i) INPUT chain
(ii) OUTPUT chain
(iii) FORWARD chain
(iv) PREROUTING chain
(v) POSTROUTING chain
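
The syntax and the table/chain lists above, put together as an added example (not part of the original post): a small shell wrapper that rejects a chain the chosen table does not have, then emits one rule set touching each table. It prints the commands by default; `IPT`, `WAN_IF`, the interface name `eth0`, the SSH port and the helper names `chains_for`, `rule` and `build_ruleset` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Dry-run by default: IPT is "echo iptables", so commands are
# printed. Run as root with IPT=iptables to apply them.
IPT="${IPT:-echo iptables}"
WAN_IF="${WAN_IF:-eth0}"   # assumed outbound interface name

# Table -> chain membership exactly as listed on this page.
chains_for() {
    case "$1" in
        filter) echo "INPUT OUTPUT FORWARD" ;;
        nat)    echo "PREROUTING POSTROUTING OUTPUT" ;;
        mangle) echo "INPUT OUTPUT FORWARD PREROUTING POSTROUTING" ;;
        *)      return 1 ;;
    esac
}

# rule <table> <command> <chain> [match options / -j target]
# Refuses a chain that is not in the table before iptables is ever called.
rule() {
    table=$1 cmd=$2 chain=$3
    shift 3
    valid=$(chains_for "$table") || { echo "unknown table: $table" >&2; return 2; }
    case " $valid " in
        *" $chain "*) ;;
        *) echo "chain $chain is not in table $table" >&2; return 3 ;;
    esac
    $IPT -t "$table" "$cmd" "$chain" "$@"
}

build_ruleset() {
    # filter: accept loopback, replies to existing connections and SSH first,
    # and only then switch the INPUT policy to DROP.
    rule filter -A INPUT -i lo -j ACCEPT || return
    rule filter -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT || return
    rule filter -A INPUT -p tcp --dport 22 -j ACCEPT || return
    rule filter -P INPUT DROP || return
    # nat: source-NAT traffic leaving through WAN_IF.
    rule nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE || return
    # mangle: mark SSH packets so routing or QoS rules can match on the mark.
    rule mangle -A PREROUTING -p tcp --dport 22 -j MARK --set-mark 1
}

build_ruleset
```

The accept rules are appended before the policy change so that applying the set over SSH does not cut off the session.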