Iptables is a type of firewall that is installed when you download official Ubuntu distributions. Iptables does not require an additional download, but comes by default with Ubuntu. Iptables can be tricky at first if you are not familiar with the software. As a beginner in the field of IT, you should know about more than just 2 factor authentication. In this post, software users can discover five simple lessons to help grasp iptables.
Iptables has three different types of chains to choose from. These include input, forward and output. Users determine the default behavior of each of the chains. These chains are enacted if a connection does not match any of the pre-existing rules. The input chain controls the behavior for incoming connections. The forward chains controls incoming connections that are not being sent locally. The output chain controls behavior for outgoing connections. The three types of chains and their behavior is the first piece of iptables to learn.
Responses on iptables are connection-specific and required for cyber security. You can decide on these responses after choosing the default behavior of your chains. These responses are software user-created rules that decide how iptables will react to different connections. The three most common responses include block, accept, and reject. In this post, we will explore the three connection-specific responses below.
Blocking or dropping the traffic acts like it never happened. The connection is dropped and the connection source will not realize that your system exists. Iptables allows users to block however much or little they want. You can block specific ports and IP addresses. You can also block all outgoing and incoming traffic, except required traffic. There are different commands based on what you want to block, which you can find online. Blocking traffic is important for software users to know about, since iptables was built as a firewall.
Accepting traffic allows a connection to be made between integer computers. One of the easiest ways to accomplish this is by blocking all traffic, then allowing connections from a specific source. Allowing traffic is a pretty short command to add. Again, you can find the commands online and choose one which best fits your needs. Allowing traffic is the second iptables response.
Rejecting traffic does not allow the connection and sends an error. Doing this allows a source to see that your firewall blocked them, unlike blocking traffic. As a general rule, reject instead of block when you want a source to see that you are unreachable. Usually, all LAN connections are rejected, while Internet connections are dropped. Software users all have their own opinions about whether to drop or reject. You can find the reasons for each online, but in the end, the decision is yours. Rejecting traffic is the third and final iptables reponse.
One last command will help you to list all of your information numerically, which can make finding things much, much simpler. Adding the term “-n” will organize your list of hostnames, protocols and networks by number, similar to how AS2 software functions. You can also use a flush command to get rid of any rules you previously configured by entering “iptables -F”. These two commands can make your life and work much simpler.
Ipables is no longer the only one of its kind. Nftables was developed and merged into the Linux kernel mainline back in version 3.13 of release. This is important to note for many users. In the world of technology, things move very rapidly. You do not want to be left behind. Be sure to familiarize yourself with the new Nftables to stay current in the technology field.
Iptables offers a lot of commands and customization for users. Some users even discover neat tricks that can be done with iptables, such as address spoofing and bogus packets. Before getting there, software users need a lesson on iptables basics. There are three types of chains on iptables, each with its own chain behavior. There are also three types of responses on iptables, which include allowing, dropping, or rejecting traffic. With this post, software users will now understand the basics of using iptables.
Image from http://www.yourownlinux.com/2013/05/iptables-linux-firewall.html