basics

if you don’t know what data packets are, watch the video to clear your doubts. iptables is a firewall utility program built for Linux distributions. iptables works with rules, and the rules control the traffic to and from the computer. iptables comes pre-installed in Kali Linux.

in iptables, a group of rules is called a chain.

if you are using some other Linux distribution and are not able to find iptables, install it with this command (apt-get works on Debian-based distributions):

sudo apt-get install iptables

now you have iptables and we can go further.

if you have an older version of Kali Linux, I recommend that you update it.

uses of iptables:

now, there are some default chains. we can see those by this command:

iptables -L -v

the output looks like this:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source             destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source             destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source             destination

it should look like this if you have not changed the config before.

as you can see we have three chains here.

INPUT, FORWARD, OUTPUT

input chain stands for the incoming traffic.

forward chain stands for incoming traffic that is supposed to be forwarded.

output chain stands for the traffic that is going out from your server.

targets:

we have targets for what we wanna do with data packets (traffic). there are three targets:

ACCEPT- accept data from a server/client.

DROP- not to accept data from a server/client.

RETURN- stop going through the current chain and go back to the next rule in the chain it was called from.

let’s combine all of these and make some rules of our own:

to block incoming traffic from an IP

iptables -I INPUT -i <interfacename> -s <ip> -j DROP

this command will insert this rule to the INPUT chain.

to block incoming traffic on a port

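iptables -I INPUT -i <interface> -s <ip> -p <tcp/udp> --destination-port <port-no.> -j DROP

a port match only works together with -p tcp or -p udp. you can add more ports to the rule by separating them with commas and using -m multiport with --destination-ports.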
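
as an added example (not part of the original tutorial), this shell script checks the interface, IPv4 address, protocol and port list, and then only prints the matching rule: --destination-port for one port, -m multiport --destination-ports for a comma-separated list. the function names and the sample values (eth0, 203.0.113.7) are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: print (never run) an iptables DROP rule built from checked input.
# valid_ipv4, valid_port and block_rule are hypothetical helper names.

valid_ipv4() {                      # dotted quad, each octet 0-255
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {                      # decimal 1-65535
    case "$1" in ""|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# block_rule IFACE IP PROTO PORTS  (PORTS is "22" or "22,80,443")
block_rule() {
    iface=$1 ip=$2 proto=$3 ports=$4
    case "$iface" in ""|*[!A-Za-z0-9._-]*)
        echo "bad interface: $iface" >&2; return 1 ;; esac
    valid_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 1; }
    # port matches only exist for protocols that have ports
    case "$proto" in tcp|udp) ;; *)
        echo "port match needs -p tcp or -p udp" >&2; return 1 ;; esac
    case "$ports" in ""|*[!0-9,]*|,*|*,|*,,*)
        echo "bad port list: $ports" >&2; return 1 ;; esac
    old_ifs=$IFS; IFS=,; set -- $ports; IFS=$old_ifs
    # the multiport match takes at most 15 ports
    [ "$#" -le 15 ] || { echo "more than 15 ports" >&2; return 1; }
    for port in "$@"; do
        valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    done
    if [ "$#" -eq 1 ]; then
        match="--destination-port $ports"
    else
        match="-m multiport --destination-ports $ports"
    fi
    echo "iptables -I INPUT -i $iface -s $ip -p $proto $match -j DROP"
}

# constructed sample values (203.0.113.0/24 is a documentation range)
block_rule eth0 203.0.113.7 tcp 22
block_rule eth0 203.0.113.7 tcp 22,80,443
block_rule eth0 203.0.113.300 tcp 22 || echo "rejected, no rule printed"
```

read a printed command before running it as root: -I puts the rule at the top of the chain, so it is checked before the rules that are already there.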

to make a rule for a specific protocol

iptables -I INPUT -i <interface> -p <udp/tcp/icmp> -j ACCEPT

you can choose a protocol by typing it.

to add a comment to a rule

iptables -I INPUT -i <interface> -m comment --comment "type your comment" -j ACCEPT

 

note- this tutorial is for IPv4 only.

you can simply change the values of -i and -j to understand more.

you can also change the chain value like INPUT to FORWARD.

 

thanks for visiting
