Last update at: 2024-05-26, Edit by 888u
Vpsadd Tutorial: Linux Firewall iptables novice configuration tutorial
1. What is iptables

iptables is an IP packet filtering system integrated with the latest version 3.5 Linux kernel. This system gives better control over IP packet filtering and firewall configuration on a Linux system that is connected to the Internet or a LAN, acts as a server, or acts as a proxy server connecting a LAN to the Internet.

When the firewall makes packet filtering decisions, it follows a set of rules. These rules are stored in dedicated packet filtering tables, and these tables are integrated in the Linux kernel. In a packet filtering table, rules are grouped into what we call chains.

The netfilter/iptables IP packet filtering system is a powerful tool that can be used to add, edit and remove rules. Although it is referred to as a single entity, it actually consists of two components, netfilter and iptables.

The netfilter component, also called kernelspace, is the part of the kernel that holds the packet filtering tables. These tables contain the set of rules the kernel uses to control packet filtering.

The iptables component, also known as userspace, is a tool that makes it easy to insert, modify, and remove rules in the packet filtering tables. Unless you are using Red Hat Linux 7.1 or higher, you will need to download the tool and install it to use it.

2. Commonly used commands of iptables

    service iptables status   # Check whether iptables is running
    iptables -F               # Capital F, clear all current rules
    iptables-save             # One word, no space before -save; saves the current rules by printing them to standard output
    iptables -L -n            # List the current rules

3. Common IP blocking commands

    # Block a single IP address
    iptables -A INPUT -s 123.45.67.89 -j DROP

    # To block the entire segment (class A address) from 192.0.0.1 to 192.255.255.254, add the following rule.
    iptables -I INPUT -s 192.0.0.0/8 -j DROP

    # To block the IP segment (Class B address) from 192.168.0.1 to 192.168.255.254, add the following rule.
    iptables -I INPUT -s 192.168.0.0/16 -j DROP

    # To block the IP segment (Class C address) from 192.168.200.1 to 192.168.200.254, add the following rule.
    iptables -I INPUT -s 192.168.200.0/24 -j DROP
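The blocking commands in section 3, as an added example that is not part of the original tutorial: it builds the DROP rules in a dedicated chain and refuses any range that would cover the address the administrator connects from, which is the usual way a broad rule such as 192.168.0.0/16 locks its author out. The chain name BLOCKLIST, the admin address 203.0.113.10 and the three function names are assumptions of this example.

```shell
#!/bin/sh
# Added example (constructed): prints iptables commands, never runs them.

# ip_to_int A.B.C.D -> prints the 32-bit integer value, fails if malformed.
ip_to_int() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac      # no leading zeros (octal ambiguity)
        [ "$o" -le 255 ] 2>/dev/null || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# cidr_contains NET[/BITS] IP -> 0 if IP is inside NET, 1 if not, 2 if invalid.
cidr_contains() {
    net=${1%/*}; bits=${1#*/}
    [ "$bits" = "$1" ] && bits=32                # bare address means /32
    case "$bits" in ''|*[!0-9]*|0?*) return 2 ;; esac
    [ "$bits" -le 32 ] 2>/dev/null || return 2
    n=$(ip_to_int "$net") && a=$(ip_to_int "$2") || return 2
    [ "$bits" -eq 0 ] && return 0
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ $(( n & mask )) -eq $(( a & mask )) ]
}

# build_block_rules ADMIN_IP TARGET... -> prints rules for a dedicated chain.
# ADMIN_IP and the chain name BLOCKLIST are assumptions of this example.
build_block_rules() {
    admin=$1; shift
    out="iptables -N BLOCKLIST
iptables -I INPUT 1 -j BLOCKLIST"
    for t in "$@"; do
        rc=0; cidr_contains "$t" "$admin" || rc=$?
        case $rc in
            0) echo "refusing $t: it covers admin address $admin" >&2; return 1 ;;
            2) echo "refusing $t: not a valid IPv4 address or CIDR" >&2; return 1 ;;
        esac
        out="$out
iptables -A BLOCKLIST -s $t -j DROP"
    done
    printf '%s\n' "$out"
}

# Constructed sample: the admin logs in from 203.0.113.10 (documentation range).
build_block_rules 203.0.113.10 123.45.67.89 192.168.200.0/24
```

With the rules in their own chain, `iptables -F BLOCKLIST` empties only the blocklist, whereas the bare `iptables -F` from section 2 clears every rule.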