
Setting up iptables: tips and recommendations for beginners

The iptables command-line utility discussed in this article is the standard user-space interface for configuring netfilter, the packet-filtering framework built into the Linux kernel. It applies to any Linux system running kernel 2.4 or 2.6 (and later kernels, where it is still available, often as a compatibility front end for its successor nftables). In simple terms, configuring iptables means configuring the firewall, and doing so requires root privileges (strictly, the CAP_NET_ADMIN capability). Although netfilter and iptables are different things, people very often use the two names as if they meant the same thing. They do not: netfilter is the filtering engine inside the kernel, and iptables is the tool used to program it.

Ordinary users have probably heard both terms, but what they mean and why they are needed is not clear to everyone. Every computer connected to the Internet exchanges network packets, and those packets need to be inspected. That is the job of a firewall: software that operates at various layers of the OSI model, checks each packet against the rules it has been given, and applies the action the matching rule selects.

The main task of a firewall is to protect individual hosts and whole networks from unauthorized access. It acts as a filter (which is what packet-filtering firewalls are named for): it inspects and sorts network packets according to criteria defined by the administrator. It looks as though a packet passes through a sequence of checks one after another, and in iptables that is literally how it works: rules are grouped into ordered chains, and a packet is tested against each rule in turn. Configuring iptables means writing those rules, each of which consists of two parts:

  1. A match: the criteria the packet is checked against (protocol, source or destination address, port, interface, connection state, and so on).
  2. An action, called a target: what to do with a packet that satisfies the match.

A target is either a built-in operation such as ACCEPT, or a jump to another (user-defined) chain. How to write these is covered in any iptables tutorial for beginners. More advanced users know that targets come in two kinds: terminating and non-terminating. A terminating target, for example ACCEPT, DROP or REJECT, ends the packet's traversal of the chain: no further rules are consulted. A non-terminating target, such as MARK or TOS, modifies the packet or its metadata and then lets evaluation continue with the next rule, so the check is carried through to its conclusion. If a packet reaches the end of a built-in chain without hitting a terminating target, the chain's default policy (set with iptables -P, and ACCEPT unless changed) decides what happens to it.

A standard iptables installation provides three main tables:

  1. mangle - used when the packet headers themselves need to be altered. A typical example is changing the TOS bits.
  2. nat - used for network address translation (SNAT, DNAT, MASQUERADE). Only the first packet of a connection passes through it; the translation chosen for that packet is then applied to the rest of the connection automatically. It should not be used for filtering, except in rare special cases.
  3. filter - the default table. All packets pass through it, regardless of the interface they arrive on or leave by. In other words, this is the table that actually filters traffic.

(Modern kernels also provide the raw and security tables, but beginners rarely need them.)

Most users are interested mainly in the third table. It has three built-in chains: INPUT for packets addressed to the local host, FORWARD for packets being routed through this host from one machine to another, and OUTPUT for packets generated by the host itself. A packet is matched against the rules of the relevant chain in order, and by the time it has passed all the way through it has either been let through or not.

On Ubuntu, as on any other distribution, configuring iptables means editing the current rules as you wish by entering commands in a terminal. A rule is a line containing the criteria that identify a packet and the action to take. The general form of a rule is: iptables [-t table-name] command [match] [-j target]. Here -t says which table the rule belongs to; if it is omitted, the default table (filter) is assumed, so any other table must be named explicitly. The command (for example -A to append a rule to a chain, -I to insert one, -D to delete one, -P to set a chain's default policy) comes immediately after the table name, or first if no table is given. The -j option names the target, which defines what the rule does. The most common targets are ACCEPT (let the packet through; evaluation ends) and DROP (do not let it through; the packet is silently discarded, evaluation ends, and the sender is told nothing). REJECT also discards the packet but sends back an ICMP error or a TCP reset, so the sender learns that the port is closed; DROP reveals nothing, which is why it is usually preferred on an Internet-facing host.
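The following script, an added example that is not code from the original article, puts together the pieces described above: the rule syntax, the filter table's INPUT/FORWARD/OUTPUT chains and their default policies, non-terminating targets (LOG, MARK) beside terminating ones (ACCEPT, DROP), and the order in which rules should be loaded so that an administrator working over SSH is not locked out. The IPT variable, the fw_rule helper and the admin network 192.0.2.0/24 are assumptions chosen for illustration, not anything the page specifies.

```shell
#!/bin/sh
# Added example, not code from the original article: a minimal default-deny
# host firewall written with the rule syntax  iptables [-t table] command [match] [-j target].
# Assumptions (not from the page): IPv4 only; iptables with the conntrack and
# limit match modules; 192.0.2.0/24 stands in for the administrators' network.
# IPT defaults to the real binary; set IPT=echo to print the commands instead
# of loading them, which is how the ruleset can be reviewed without root.
IPT="${IPT:-iptables}"

# Compose one rule from the four parts of the syntax: table, command, match, target.
# $2, $3 and $4 are deliberately left unquoted so that a string such as
# "-p tcp --dport 22" expands into separate arguments for iptables.
fw_rule() {
    # shellcheck disable=SC2086
    "$IPT" -t "$1" $2 $3 -j $4
}

apply_rules() {
    # Start from a clean filter table: flush every chain, delete user-defined chains.
    "$IPT" -t filter -F
    "$IPT" -t filter -X

    # Rules are evaluated top to bottom; the first terminating match wins.
    # The ACCEPT rules are appended before the policy is switched to DROP so
    # that an existing SSH session is never cut off half-way through the change.
    fw_rule filter "-A INPUT" "-i lo" ACCEPT
    fw_rule filter "-A INPUT" "-m conntrack --ctstate ESTABLISHED,RELATED" ACCEPT
    fw_rule filter "-A INPUT" "-m conntrack --ctstate INVALID" DROP
    fw_rule filter "-A INPUT" "-p tcp --dport 22 -s 192.0.2.0/24 -m conntrack --ctstate NEW" ACCEPT
    fw_rule filter "-A INPUT" "-p icmp --icmp-type echo-request -m limit --limit 10/s" ACCEPT

    # LOG is a non-terminating target: the packet is logged (rate-limited so an
    # attacker cannot fill the disk) and then continues down the chain, where the
    # DROP policy finally discards it.
    fw_rule filter "-A INPUT" "-m limit --limit 5/min --limit-burst 10" "LOG --log-prefix iptables-drop:"

    # MARK in the mangle table is also non-terminating: it tags the packet
    # (for policy routing, for example) and filtering continues as normal.
    fw_rule mangle "-A OUTPUT" "-p tcp --dport 443" "MARK --set-mark 0x1"

    # Default policies, set last: drop inbound and forwarded traffic that no rule
    # accepted; allow traffic the host itself generates.
    "$IPT" -P INPUT DROP
    "$IPT" -P FORWARD DROP
    "$IPT" -P OUTPUT ACCEPT
}

# Number of iptables commands the ruleset issues, counted in dry-run mode.
# A cheap sanity check before loading the script on a remote host.
rule_count() {
    ( IPT=echo; apply_rules ) | wc -l | tr -d ' '
}

# Usage:  sh firewall.sh apply            load the rules (needs root / CAP_NET_ADMIN)
#         IPT=echo sh firewall.sh apply   only print the commands that would run
if [ "${1:-}" = "apply" ]; then
    apply_rules
fi
```

Rules loaded this way live only in kernel memory and are gone after a reboot; save them with iptables-save and restore them at boot with iptables-restore (on Ubuntu the iptables-persistent package wires this up). When changing rules on a remote machine, print the ruleset with IPT=echo first and check that every ACCEPT you depend on comes before the -P INPUT DROP line.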

Copyright © 2018 en.atomiyme.com. Theme powered by WordPress.