Iptables identifies the packets received and then uses a set of rules to decide what to do with them
Filters packets based on
Tables => A table groups rules that serve a similar purpose. A table consists of several chains
Chains => A chain is a string of rules. When a packet is received, iptables finds the appropriate table, then runs it through the chain of rules until it finds a match
Rules => A rule is a statement that tells the system what to do with a packet. Rules can block one type of packet, or forward another type of packet. The outcome, where a packet is sent, is called a target
Targets => A target is a decision of what to do with a packet. Typically, this is to accept it, drop it, or reject it (which sends an error back to the sender)
Tables and Chains
Filter => Acts as a bouncer, deciding who gets in and out of your network
Input => the rules in this chain control the packets received by the server
Output => this chain controls the packets for outbound traffic
Forward => this set of rules controls the packets that are routed through the server
Network Address Translation (NAT) => Contains rules for routing packets to networks that cannot be accessed directly, i.e. for cases where the destination or source address of the packet has to be altered
Prerouting => this chain processes packets as soon as the server receives them, before any routing decision is made
Output => works the same as the output chain we described in the filter table
Postrouting => the rules in this chain allow making changes to packets after they leave the output chain
Mangle => Adjusts the IP header properties of packets
Prerouting
Postrouting
Output
Input
Forward
Raw => Used to exempt packets from connection tracking
Prerouting
Output
Security (Optional) => Manages special access rules
Input
Output
Forward
Targets
Non-terminating targets => after a packet matches a rule with such a target, it keeps being matched against the remaining rules in the chain
Terminating targets => once a packet matches a rule with such a target, the decision is final and the packet is not matched against any further rule or chain
Accept => This target lets the packet through the iptables firewall
Drop => The packet is discarded silently and is not matched against any further chain
Return => This target sends the packet back to the calling chain so it can be matched against the remaining rules there
Reject => The iptables firewall discards the packet and sends an error back to the connecting device
Installing iptables on Ubuntu
sudo apt-get install iptables
sudo apt-get install iptables-persistent => Keep iptables firewall rules when you reboot the system
sudo iptables -L => View the current set of rules on your server
sudo iptables -A INPUT -i lo -j ACCEPT => Allow traffic from your own system (localhost)
Allow Traffic on Specific Ports
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT => Allow HTTP web traffic
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT => Allow incoming SSH traffic
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT => Allow HTTPS internet traffic
Control Traffic by IP Address
sudo iptables -A INPUT -s 192.168.0.27 -j ACCEPT => Accept traffic from a specific IP address
sudo iptables -A INPUT -s 192.168.0.27 -j DROP => Drop traffic
sudo iptables -A INPUT -m iprange --src-range 192.168.0.1-192.168.0.255 -j REJECT => Reject traffic from a range of IP addresses
sudo iptables -A INPUT -j DROP => Drop all remaining (unwanted) traffic; append this rule last, because rules are evaluated in order and the first terminating match wins
Delete a Rule
sudo iptables -L --line-numbers
sudo iptables -D INPUT <Number> => Delete by line number
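The commands above are usually typed one at a time, which makes it easy to append the final DROP too early or to forget the loopback rule. The script below is an added example (not from the original notes) that generates the whole INPUT ruleset as a reviewable list first and applies it only on request; it also uses a user-defined chain to show the ACCEPT/RETURN semantics from the Targets section. It goes beyond the notes by adding a conntrack rule for established connections and a user-defined chain named SSH_FROM_TRUSTED; TRUSTED_NET, ALLOWED_TCP_PORTS and the chain name are constructed sample values, not anything from the notes.

```shell
#!/bin/sh
# Added example: build an iptables INPUT ruleset in the correct order, print it
# for review, and apply it only when run with --apply as root.
# TRUSTED_NET and ALLOWED_TCP_PORTS are constructed sample values (assumption).
TRUSTED_NET="192.168.0.0/24"     # hosts allowed to reach SSH (constructed)
ALLOWED_TCP_PORTS="80 443"       # public services (constructed)
SSH_CHAIN="SSH_FROM_TRUSTED"     # user-defined chain name (assumption)

# build_rules prints the iptables commands in the order they must be appended.
# iptables evaluates a chain top to bottom; the first terminating match wins,
# so loopback/established rules go first and the catch-all DROP goes last.
build_rules() {
    # 1. Reset the INPUT chain and recreate the user-defined chain.
    #    Policy ACCEPT during the rebuild avoids locking ourselves out.
    echo "iptables -P INPUT ACCEPT"
    echo "iptables -F INPUT"
    echo "iptables -F $SSH_CHAIN 2>/dev/null || true"
    echo "iptables -X $SSH_CHAIN 2>/dev/null || true"
    echo "iptables -N $SSH_CHAIN"

    # 2. Loopback and replies to connections we already opened come first.
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

    # 3. SSH is handled in its own chain: ACCEPT is terminating, RETURN hands a
    #    non-matching packet back to INPUT, where it falls through to the DROP.
    echo "iptables -A $SSH_CHAIN -s $TRUSTED_NET -j ACCEPT"
    echo "iptables -A $SSH_CHAIN -j RETURN"
    echo "iptables -A INPUT -p tcp --dport 22 -j $SSH_CHAIN"

    # 4. Public services, one ACCEPT rule per port.
    for port in $ALLOWED_TCP_PORTS; do
        echo "iptables -A INPUT -p tcp --dport $port -j ACCEPT"
    done

    # 5. Default deny: everything not accepted above is dropped.
    echo "iptables -A INPUT -j DROP"
}

# check_order succeeds (exit 0) when the first INPUT rule is the loopback
# ACCEPT and the last one is the catch-all DROP, i.e. the ordering the
# notes rely on.
check_order() {
    first_input=$(build_rules | grep -- '-A INPUT' | head -n 1)
    last_input=$(build_rules | grep -- '-A INPUT' | tail -n 1)
    [ "$first_input" = "iptables -A INPUT -i lo -j ACCEPT" ] &&
    [ "$last_input" = "iptables -A INPUT -j DROP" ]
}

# apply_rules feeds the generated commands to a shell; requires root.
apply_rules() {
    if [ "$(id -u)" -ne 0 ]; then
        echo "apply_rules: must run as root" >&2
        return 1
    fi
    check_order || { echo "apply_rules: refusing, rule order is wrong" >&2; return 1; }
    build_rules | sh -e
    # Show the result with line numbers so a rule can be deleted with -D INPUT <n>.
    iptables -L INPUT --line-numbers
}

# Default action: print the plan for review. Pass --apply to install it.
if [ "${1:-}" = "--apply" ]; then
    apply_rules
else
    build_rules
fi
```

Run the script without arguments to read the generated commands, and only then `sudo ./firewall.sh --apply`. Because the final DROP is an appended rule rather than a chain policy, a later `iptables -A INPUT ...` would land after it and never match; re-run the script instead of appending by hand.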
Protocols
Set of rules used in digital communication to connect network devices for exchange of information
Types
TCP/IP => TCP is used for the connection & IP is used for delivering the data
HTTP => Sending Web pages
SMTP => Sending Mail
POP => Sending Mail, Receiver can be offline
IMAP
UDP
PPP
FTP
Network Connecting Devices
Repeater
Amplifies the original signal
Operates in Data link layer
Bridge
Repeater with filtering capability
Gateway
Used to connect different protocols
Router
Uses IP Address to forward data
Used in WAN & LAN
Used to connect networks
Modem
Demodulates the incoming Analog into Digital signals
Modulates the outgoing Digital into Analog signals
Switch
Forwards data to a particular device based on MAC Address => Intelligent
Used in LAN
Used to create networks
Hub
Forwards data to every connected device in the network => Multiport Repeater