Denys Haryachyy, profile picture
Uploaded byDenys Haryachyy
PPTX, PDF2,712 views

Understanding iptables

This document provides an overview of iptables and Linux firewall configuration. It discusses Netfilter hooks and stages, stateless and stateful firewall rules using iptables, logging rules, the tables (filter, nat, mangle, raw) and built-in chains, creating custom chains, using ipsets for constant-time lookups, and useful iptables commands. It also briefly mentions using libnetfilter_queue to divert traffic to userspace applications and provides references for further reading on Linux firewalls and Netfilter.

Embed presentation

Downloaded 81 times
Understanding iptables Linux firewall basics
Netfilter hooks stages Socket App NIC INPUT PRE_ROUTING POST_ROUTING OUTPUT FORWARD
Stateless firewall iptables -A INPUT -p tcp --dport 80 -j ACCEPT
Stateful firewall iptables -A INPUT -p tcp -m conntrack --ctstate ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
Logging iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j LOG --log-prefix “In Http:”
Tables overview Filter is a default table. So, if you don’t define you own table, you’ll be using filter table. Each table has a number of predefined chains inside. You can create your own chain. Filter Input Forward Output Nat Output Prerouting Postrouting Mangle Input Prerouting Postrouting Output Forward Raw Output Prerouting
Tables in shell iptables -t mangle -A POSTROUTING -o $NETCARD -p tcp -m connbytes --connbytes 10000000: --connbytes-mode bytes --connbytes-dir both -j CONNMARK --set-mark 999 iptables -t mangle -A INPUT -i eth0 -p tcp --dport 80 -m string --string ”get /admin http/” --icase --algo bm -m conntrack --ctstate ESTABLISHED -j DROP iptables -t filter -A input -p tcp --dport 22 -m time --datestart “” --datestop “” --utc --j DROP
Custom chains Create a new chain iptables -N LOGDROP Add chain rules iptables -A LOGDROP -j LOG --log-level 4 --log-prefix 'SourceDrop ' iptables -A LOGDROP -j DROP Add chain rules to iptables rules iptables -A INPUT -s 10.0.0.0/8 -j LOGDROP
Netfilter in user land libnetfilter_queue is used to divert traffic to user application Packets are not duplicated User application has to inject a packet back Useful for debugging rules
ip sets Constant time hash lookup modprobe ip_set ipset -N droplist nethash ipset -add droplist 192.168.1.0/24 iptables -A INPUT -m set --set droplistsrc -j DROP
Useful commands Drop all rules iptables -F Quickly restore rules iptables-restore <rules list file>
References Designing and Implementing Linux Firewalls with QoS using netfilter, iproute2, NAT and L7-filter Netfilter & Iptables Elements Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals Understanding Linux Network Internals iptables book Iptables targets and jumps Security in Linux
My blog Learning Network Programming

More Related Content

PDF
Faster packet processing in Linux: XDP
byDaniel T. Lee
 
PDF
Fun with Network Interfaces
byKernel TLV
 
PPTX
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
PDF
debugging openstack neutron /w openvswitch
by어형 이
 
PPTX
VTP(Virtual Trunking Protocol)
bySirine Ibrahim
 
PDF
Kernel Recipes 2017 - EBPF and XDP - Eric Leblond
byAnne Nicolas
 
PDF
Alphorm.com Formation Wireshark : L'essentiel
byAlphorm
 
PDF
Kamailio - API Based SIP Routing
byDaniel-Constantin Mierla
 
Faster packet processing in Linux: XDP
byDaniel T. Lee
 
Fun with Network Interfaces
byKernel TLV
 
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
debugging openstack neutron /w openvswitch
by어형 이
 
VTP(Virtual Trunking Protocol)
bySirine Ibrahim
 
Kernel Recipes 2017 - EBPF and XDP - Eric Leblond
byAnne Nicolas
 
Alphorm.com Formation Wireshark : L'essentiel
byAlphorm
 
Kamailio - API Based SIP Routing
byDaniel-Constantin Mierla
 

What's hot

PDF
Linux Networking Explained
byThomas Graf
 
PDF
802.11w Tutorial
byAirTight Networks
 
PPTX
Cours 70 410-1
byMohamed Diallo
 
PPTX
The Basic Introduction of Open vSwitch
byTe-Yen Liu
 
PDF
[오픈소스컨설팅] Red Hat ReaR (relax and-recover) Quick Guide
byJi-Woong Choi
 
PDF
Open vSwitch Introduction
byHungWei Chiu
 
PPTX
Linux Network Stack
byAdrien Mahieux
 
PDF
[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화
byOpenStack Korea Community
 
PDF
Résumé vlsm et cidr
byBoubaker KHERFALLAH
 
PPTX
CloudStack Networking
byCloudStack - Open Source Cloud Computing Project
 
PDF
[ko] Kernel Networking Stack 진입 장벽 허물기
byJuhee Kang
 
PPTX
Understanding DPDK
byDenys Haryachyy
 
PPTX
OpenvSwitch Deep Dive
byrajdeep
 
PDF
netfilter and iptables
byKernel TLV
 
PDF
Kubernetes Networking with Cilium - Deep Dive
byMichal Rostecki
 
PDF
Kernel Recipes 2019 - XDP closer integration with network stack
byAnne Nicolas
 
PDF
How VXLAN works on Linux
byEtsuji Nakai
 
PPTX
Access control list acl - permissions in linux
bySreenatha Reddy K R
 
PDF
Open vSwitchソースコードの全体像
bySho Shimizu
 
PPTX
Kurento: a media server architecture and API for WebRTC
byLuis Lopez
 
Linux Networking Explained
byThomas Graf
 
802.11w Tutorial
byAirTight Networks
 
Cours 70 410-1
byMohamed Diallo
 
The Basic Introduction of Open vSwitch
byTe-Yen Liu
 
[오픈소스컨설팅] Red Hat ReaR (relax and-recover) Quick Guide
byJi-Woong Choi
 
Open vSwitch Introduction
byHungWei Chiu
 
Linux Network Stack
byAdrien Mahieux
 
[OpenStack 하반기 스터디] Docker를 이용한 OpenStack 가상화
byOpenStack Korea Community
 
Résumé vlsm et cidr
byBoubaker KHERFALLAH
 
CloudStack Networking
byCloudStack - Open Source Cloud Computing Project
 
[ko] Kernel Networking Stack 진입 장벽 허물기
byJuhee Kang
 
Understanding DPDK
byDenys Haryachyy
 
OpenvSwitch Deep Dive
byrajdeep
 
netfilter and iptables
byKernel TLV
 
Kubernetes Networking with Cilium - Deep Dive
byMichal Rostecki
 
Kernel Recipes 2019 - XDP closer integration with network stack
byAnne Nicolas
 
How VXLAN works on Linux
byEtsuji Nakai
 
Access control list acl - permissions in linux
bySreenatha Reddy K R
 
Open vSwitchソースコードの全体像
bySho Shimizu
 
Kurento: a media server architecture and API for WebRTC
byLuis Lopez
 

Viewers also liked

PPTX
Vagrant
byDenys Haryachyy
 
PPTX
Git basics
byDenys Haryachyy
 
PPTX
Understanding DPDK algorithmics
byDenys Haryachyy
 
PPTX
History of the personal computer
byDenys Haryachyy
 
PPTX
C++ 11
byDenys Haryachyy
 
PPTX
Secure communication
byDenys Haryachyy
 
PPTX
Network sockets
byDenys Haryachyy
 
PPTX
DPDK KNI interface
byDenys Haryachyy
 
PDF
Iptables presentation
byEmin Abdul Azeez
 
PPT
Iptables in linux
byMandeep Singh
 
PDF
netfilter programming
byGopi Krishnan S
 
PPT
IPTABLES
byTan Huynh Cong
 
PDF
Iptables Configuration
bystom123
 
PDF
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
byJim St. Leger
 
PDF
DPDK Summit 2015 - Intel - Keith Wiles
byJim St. Leger
 
PDF
Intel DPDK Step by Step instructions
byHisaki Ohara
 
KEY
Fosscon 2012 firewall workshop
byjvehent
 
PDF
How to Become a Thought Leader in Your Niche
byLeslie Samuel
 
Vagrant
byDenys Haryachyy
 
Git basics
byDenys Haryachyy
 
Understanding DPDK algorithmics
byDenys Haryachyy
 
History of the personal computer
byDenys Haryachyy
 
C++ 11
byDenys Haryachyy
 
Secure communication
byDenys Haryachyy
 
Network sockets
byDenys Haryachyy
 
DPDK KNI interface
byDenys Haryachyy
 
Iptables presentation
byEmin Abdul Azeez
 
Iptables in linux
byMandeep Singh
 
netfilter programming
byGopi Krishnan S
 
IPTABLES
byTan Huynh Cong
 
Iptables Configuration
bystom123
 
DPDK Summit - 08 Sept 2014 - Intel - Networking Workloads on Intel Architecture
byJim St. Leger
 
DPDK Summit 2015 - Intel - Keith Wiles
byJim St. Leger
 
Intel DPDK Step by Step instructions
byHisaki Ohara
 
Fosscon 2012 firewall workshop
byjvehent
 
How to Become a Thought Leader in Your Niche
byLeslie Samuel
 

Similar to Understanding iptables

PDF
[2019.01.12] hst iptables 101 to 301
byChia-Hao Tsai
 
PDF
Iptables fundamentals
byram_b17
 
PPTX
Firewall
bykhalid abdelazim
 
PPTX
Linux Firewall (Netfilter )and tools .pptx
byRomal-Yorish
 
PDF
Firewall Facts
byDAVID RAUDALES
 
PPT
I ptable
bySandeep Gupta
 
PPT
Iptables
byleminhvuong
 
PPTX
Firewalls rules using iptables in linux
byaamir lucky
 
PDF
Linux iptables Pocket Reference 1st Edition Gregor N. Purdy download pdf
bysariyealpire
 
PPTX
Iptables the Linux Firewall
bySyed fawad Gillani
 
PDF
Chapter 6 firewall
bynewbie2019
 
PDF
Linux firewall
bychanmyaeag
 
DOCX
Creating a firewall in UBUNTU
byMumbai University
 
PDF
IP Tables Primer - Part 1
byn|u - The Open Security Community
 
PDF
IPTables Primer - Part 1
byNishanth Kumar Pathi
 
PPTX
IP Tables And Filtering
bySuperstarRr
 
PDF
Packet Filtering Using Iptables
byAhmed Mekkawy
 
PPT
Linux Firewall - NullCon Chennai Presentation
byVinoth Sivasubramanan
 
PDF
iptable casestudy by sans.pdf
byAdmin621695
 
ODP
Firewalld : A New Interface to Your Netfilter Stack
byMahmoud Shiri Varamini
 
[2019.01.12] hst iptables 101 to 301
byChia-Hao Tsai
 
Iptables fundamentals
byram_b17
 
Firewall
bykhalid abdelazim
 
Linux Firewall (Netfilter )and tools .pptx
byRomal-Yorish
 
Firewall Facts
byDAVID RAUDALES
 
I ptable
bySandeep Gupta
 
Iptables
byleminhvuong
 
Firewalls rules using iptables in linux
byaamir lucky
 
Linux iptables Pocket Reference 1st Edition Gregor N. Purdy download pdf
bysariyealpire
 
Iptables the Linux Firewall
bySyed fawad Gillani
 
Chapter 6 firewall
bynewbie2019
 
Linux firewall
bychanmyaeag
 
Creating a firewall in UBUNTU
byMumbai University
 
IP Tables Primer - Part 1
byn|u - The Open Security Community
 
IPTables Primer - Part 1
byNishanth Kumar Pathi
 
IP Tables And Filtering
bySuperstarRr
 
Packet Filtering Using Iptables
byAhmed Mekkawy
 
Linux Firewall - NullCon Chennai Presentation
byVinoth Sivasubramanan
 
iptable casestudy by sans.pdf
byAdmin621695
 
Firewalld : A New Interface to Your Netfilter Stack
byMahmoud Shiri Varamini
 

Recently uploaded

PPTX
Building AI agents in Java - Devoxx Belgium 2025
byJulien Dubois
 
PPTX
operating sys about shells and terminals commands .pptx
byYazeedAbdullah6
 
PDF
DevOps Monitoring Tools: The 2025 Guide to Performance & Observability
byalexendrascott01
 
PDF
DSD-INT 2025 Quantifying Flood Mitigation Strategies Under Sea Level Rise - H...
byDeltares
 
PDF
DSD-INT 2025 UK Coastal Flooding Incident Guide - Dam
byDeltares
 
PDF
Data Integration with Salesforce Bootcamp
byDele Amefo
 
PPTX
The Sync Strikes Back: Tales from the MOPs Trenches
bybbedford2
 
PDF
SCORM Cloud: The 5 categories of content distribution
byRustici Software
 
PDF
DSD-INT 2025 Validation of SFINCS on Historical River Floods at the Global Sc...
byDeltares
 
PDF
DSD-INT 2025 DevOps - Automated testing and delivery of Delft3D FM - van West...
byDeltares
 
PDF
Bring AI and build AI agents into your Jakarta EE Apps with LangChain4J-CDI
byBuhake Sindi
 
PDF
Internship Project Training Report-3.pdf
byPawank36
 
PDF
DSD-INT 2025 Advancing Urban Flood Modeling with Delft3D FM 1D2D - A Pilot St...
byDeltares
 
PPT
Presentation on TCL/TK scripting language
byBimal Jain
 
PDF
DSD-INT 2025 Flood Early Warning System for the Trans-African Hydrometeorolog...
byDeltares
 
PPTX
Presentation on AWS Cloud RDS Deep dive
byBimal Jain
 
PDF
DSD-INT 2025 MeshKernel and D-Grid Editor - Stout
byDeltares
 
PDF
Custom MGA Software Development: Better Apporach
byOpenkoda
 
PDF
BCA 1st Semester Fundamentals Solved Question Paper 44121
byKuvempu University
 
PPTX
CRM Development Company | Custom CRM Development Services
byyugababu033
 
Building AI agents in Java - Devoxx Belgium 2025
byJulien Dubois
 
operating sys about shells and terminals commands .pptx
byYazeedAbdullah6
 
DevOps Monitoring Tools: The 2025 Guide to Performance & Observability
byalexendrascott01
 
DSD-INT 2025 Quantifying Flood Mitigation Strategies Under Sea Level Rise - H...
byDeltares
 
DSD-INT 2025 UK Coastal Flooding Incident Guide - Dam
byDeltares
 
Data Integration with Salesforce Bootcamp
byDele Amefo
 
The Sync Strikes Back: Tales from the MOPs Trenches
bybbedford2
 
SCORM Cloud: The 5 categories of content distribution
byRustici Software
 
DSD-INT 2025 Validation of SFINCS on Historical River Floods at the Global Sc...
byDeltares
 
DSD-INT 2025 DevOps - Automated testing and delivery of Delft3D FM - van West...
byDeltares
 
Bring AI and build AI agents into your Jakarta EE Apps with LangChain4J-CDI
byBuhake Sindi
 
Internship Project Training Report-3.pdf
byPawank36
 
DSD-INT 2025 Advancing Urban Flood Modeling with Delft3D FM 1D2D - A Pilot St...
byDeltares
 
Presentation on TCL/TK scripting language
byBimal Jain
 
DSD-INT 2025 Flood Early Warning System for the Trans-African Hydrometeorolog...
byDeltares
 
Presentation on AWS Cloud RDS Deep dive
byBimal Jain
 
DSD-INT 2025 MeshKernel and D-Grid Editor - Stout
byDeltares
 
Custom MGA Software Development: Better Apporach
byOpenkoda
 
BCA 1st Semester Fundamentals Solved Question Paper 44121
byKuvempu University
 
CRM Development Company | Custom CRM Development Services
byyugababu033
 
In this document
Powered by AI

Overview of iptables and foundational aspects of Linux firewall operations.

Illustrates the stages of Netfilter hooks including INPUT, FORWARD, and OUTPUT processes.

Demonstrates a basic stateless firewall rule allowing HTTP traffic on port 80.

Explains stateful firewall rules using conntrack for established and new connections.

Shows how to log new HTTP connections with iptables for monitoring purposes.

Details about default tables in iptables, including their predefined chains and customizations.

Examples of complex iptables commands using multiple tables and advanced matching options.

Walks through creating and managing custom chains in iptables for specialized logging.

Describes libnetfilter_queue to manage traffic in user land for debugging rules.

Introduction to ip sets for efficient management of IP addresses in firewall rules.

Useful iptables commands for clearing and restoring firewall rules effectively.

List of resources for deeper understanding of Linux firewalls and iptables concepts.

Promotes the author's blog focused on learning Network Programming.

Understanding iptables

  • 1.
  • 2.
  • 3.
    Stateless firewall iptables -AINPUT -p tcp --dport 80 -j ACCEPT
  • 4.
    Stateful firewall iptables -AINPUT -p tcp -m conntrack --ctstate ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
  • 5.
    Logging iptables -A INPUT-p tcp --dport 80 -m conntrack --ctstate NEW -j LOG --log-prefix “In Http:”
  • 6.
    Tables overview Filter isa default table. So, if you don’t define you own table, you’ll be using filter table. Each table has a number of predefined chains inside. You can create your own chain. Filter Input Forward Output Nat Output Prerouting Postrouting Mangle Input Prerouting Postrouting Output Forward Raw Output Prerouting
  • 7.
    Tables in shell iptables-t mangle -A POSTROUTING -o $NETCARD -p tcp -m connbytes --connbytes 10000000: --connbytes-mode bytes --connbytes-dir both -j CONNMARK --set-mark 999 iptables -t mangle -A INPUT -i eth0 -p tcp --dport 80 -m string --string ”get /admin http/” --icase --algo bm -m conntrack --ctstate ESTABLISHED -j DROP iptables -t filter -A input -p tcp --dport 22 -m time --datestart “” --datestop “” --utc --j DROP
  • 8.
    Custom chains Create anew chain iptables -N LOGDROP Add chain rules iptables -A LOGDROP -j LOG --log-level 4 --log-prefix 'SourceDrop ' iptables -A LOGDROP -j DROP Add chain rules to iptables rules iptables -A INPUT -s 10.0.0.0/8 -j LOGDROP
  • 9.
    Netfilter in userland libnetfilter_queue is used to divert traffic to user application Packets are not duplicated User application has to inject a packet back Useful for debugging rules
  • 10.
    ip sets Constant timehash lookup modprobe ip_set ipset -N droplist nethash ipset -add droplist 192.168.1.0/24 iptables -A INPUT -m set --set droplistsrc -j DROP
  • 11.
    Useful commands Drop allrules iptables -F Quickly restore rules iptables-restore <rules list file>
  • 12.
    References Designing and ImplementingLinux Firewalls with QoS using netfilter, iproute2, NAT and L7-filter Netfilter & Iptables Elements Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals Understanding Linux Network Internals iptables book Iptables targets and jumps Security in Linux
  • 13.