
iptables Cheat Sheet: A Comprehensive Guide to Firewall Rules and Commands, Cheat Sheet of Computer Systems Networking and Telecommunications

Typology: Cheat Sheet

2020/2021

Uploaded on 04/23/2021

dyanabel

iptables "cheat sheet" - For your convenience!

General command syntax:
iptables command CHAIN options action

Commands:
-L → List all currently inserted rules
-F / --flush → Delete all rules currently inserted
-A → "Append": add a rule to a specific chain

Chains:
INPUT   → Chain for packets targeted to your machine
FORWARD → Chain for packets that your machine will route
OUTPUT  → Chain for packets that your machine sends out
--policy CHAIN DROP/ACCEPT → Set default behaviour for a chain

Options:
-d / -s → Filter by destination/source IPs
-p TCP → Filter TCP packets
--dport / --sport #/name → Filter by port # (or service, such as http, ssh…)
--tcp-flags ALL FLAG → Filter by flag. ALL means "inspect all packets", substitute FLAG with the flag you want to filter

-m MODULE → Load an extension (for this lab: string/state)
--string "pattern" → Match "pattern" in packets
--algo bm → Use Boyer-Moore for pattern matching
--state OPTION → Filter by connection state. Can be NEW, RELATED, ESTABLISHED or INVALID

Actions:
-j DROP/ACCEPT → Action to take on matched packets

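Worked example (added here, not part of the original cheat sheet): the options above combined into one INPUT ruleset, showing why rule order matters, since the first matching rule decides a packet's fate. The pattern string, the ssh/http services and the helper names emit and ruleset are assumptions made for illustration; by default the script only prints the commands.

```shell
#!/bin/sh
# Constructed values: the pattern and the ssh/http services are sample choices.
PATTERN="${PATTERN:-example-blocked-string}"

emit() {
    # Always print the command; run it only when APPLY=1 (needs root).
    printf 'iptables %s\n' "$*"
    if [ "${APPLY:-0}" = "1" ]; then iptables "$@"; fi
}

ruleset() {
    # -F removes the rules but leaves the chain policy as it was.
    emit -F INPUT
    # Loopback traffic (-i is not on the sheet; it selects the input interface).
    emit -A INPUT -i lo -j ACCEPT
    # Packets that connection tracking cannot associate with any connection.
    emit -A INPUT -m state --state INVALID -j DROP
    # TCP packets with exactly SYN and FIN set, which normal traffic never sends.
    emit -A INPUT -p tcp --tcp-flags ALL SYN,FIN -j DROP
    # Payload filter. It must sit above the ESTABLISHED rule: request data
    # arrives on an established connection and would be accepted there first.
    emit -A INPUT -p tcp --dport http -m string --string "$PATTERN" --algo bm -j DROP
    # Replies and follow-up packets of connections already allowed.
    emit -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # New connections to the two published services.
    emit -A INPUT -p tcp --dport ssh -m state --state NEW -j ACCEPT
    emit -A INPUT -p tcp --dport http -m state --state NEW -j ACCEPT
    # Default policy last, so a remote session survives while the rules load.
    emit --policy INPUT DROP
}

ruleset
```

Running it with APPLY=1 as root loads the rules; iptables -L then lists them in the order they were appended.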