What is iptables in Linux?
What is iptables in Linux? We can call, it’s the basics of Firewall for Linux. Iptables is a rule based firewall system and it is normally pre-installed on a Unix operating system which is controlling the incoming and outgoing packets. By-default the iptables is running without any rules, we can create, add, edit rules into it.
In this article I am trying to explain the basics of iptables with some common practices.
Hope, this topic will give you the basics of iptables.
Basic structure of iptables
The default structure of iptables is like, Tables which has Chains and the Chains which contains Rules.
Tables —> Chains —> Rules. The rules are defined to control the packets for Input/Output.
List of different Tables in iptables structure
Here is list of iptables Tables and corresponding Chains.
1. Filter Table
It is the default table in iptables. There is no need to specify the table name for defining the Rules. Different inbuilt chains in this table.
1.1 INPUT Chain
INPUT Chain is for managing packets input to the server. Here we can add Rules to control INPUT connections from remote to the server.
1.2 FORWARD Chain
To add Rules to manage packet connections from one network interface(NIC) to another on the same machine.
1.3 OUTPUT Chain
The OUTPUT Chain control packets from the server to outside. Here we can add different rules to manage outbound connection from the server.
2. NAT table
Network address translation (NAT) is a methodology of modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device for the purpose of remapping one IP address space into another. The default inbuilt chains for NAT tables are;
2.1 PREROUTING chain
As the name indicates its translate packets before routing.
2.2 POSTROUTING chain
Translate packets after routing completes.
2.3 OUTPUT chain
3. Mangle table
This table is used for packet alternation. Different inbuilt chains are;
3.1 PREROUTING chain
3.2 OUTPUT chain
3.3 FORWARD chain
3.4 INPUT chain
3.5 POSTROUTING chain
A graphical view:
IPtables command to list Rules in all tables (Filter, NAT, Mangle)
Hope you got the idea of “What is iptables in Linux.” Yes, it is very important to find the current rules in the chains of the iptables tables. The iptables has a wide verity of switches to manage this via CLI. For listing rules in different tables we can use the switch “–list” along with switch “-t” to select the iptables tables. Here is some usages and examples are listed.
-t : For define tables.
–list : For list all rules from the selected table.
How to list all rules from the Filter table of iptables?
As I mentioned, the filter table is the default Iptables table. We can simply mange this table with out specifying the table name. See the examples pasted.
iptables -t filter --list or iptables -t filter -L
iptables --list or iptables -L
root@test [~]# iptables -t filter --list Chain INPUT (policy ACCEPT) target prot opt source destination acctboth all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
How/command to list all rules from the NAT table of iptables?
We need to mention the table name with the help of the switch “-t” to manage the rules excluded the Filter table.
Use -t followed by the table name “nat” to mange rules in the NAT table.
iptables -t nat --list or iptables -t nat -L
root@test [~]# iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
How/command to list all rules from the Mangle table of iptables?
Replace the -t section with “mangle” to mange the Mangle table of iptables.
iptables -t mangle --list or iptables -t mangle -L
root@test [~]# iptables -t mangle --list Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination
How to block incoming/outgoing network access for a single user using iptables?
Hmm… Every SysAdmin, who love to play with Linux iptables must know, how iptables deal networking for a single user. You need to dig more on Linux iptables to get this option. Yeah, it’s possible!! Linux iptables has a special module to deal with this operation. This iptables module is called “owner” (ipt_owner).
Before starting, you must have the basics of iptables.. Please read the post added below to get a clear intro on Linux iptables: Read more..