When we talk about a firewall, the first thing that comes to mind is a software "barrier" between a system and a network, whether that network is internal or external. The purpose of this software is to protect the system from various threats. This network security system controls incoming and outgoing network traffic based on a specific set of rules, and it can run on various devices, such as routers.
In Linux, this firewall lives in the kernel (in other words, a piece of software acting directly on the hardware).
The kernel provides Xtables, which stores the chains and all the rules and acts as the firewall in the system. Xtables consists of different modules for different protocols. The various modules are:
1> iptables applies to IPv4
2> ip6tables applies to IPv6
3> arptables applies to ARP
4> ebtables applies to Ethernet frames
So our current focus will be on iptables. What is iptables?
It is a built-in firewall utility for configuring the tables provided by the Linux kernel firewall. Two major things associated with this utility are its chains and its rules.
iptables is a command that uses the concept of chains to handle network traffic. It places rules into chains, and these chains are checked against the network traffic. Decisions about what to do with a packet are made based on these rules (i.e. whether the packet should be accepted or dropped). The predefined chains are as follows:
PREROUTING: Packets enter this chain before a routing decision is made.
INPUT: The packet is going to be locally delivered. This has nothing to do with processes having an open socket; local delivery is controlled by the "local" routing table, which you can view with:
ip route show table local
FORWARD: All packets that have been routed and were not for local delivery traverse this chain.
OUTPUT: Packets sent from the machine itself visit this chain.
POSTROUTING: The routing decision has been made. Packets enter this chain just before being handed off to the hardware.
The tables associated with iptables are:
Filter table, NAT table, Raw table, Mangle table
The targets (the action a rule takes on a matching packet) are: ACCEPT, DROP, QUEUE, RETURN
There are various flags associated with iptables, like:
-A to append (add) a rule to a chain
-p to indicate the protocol
-s to indicate the source of the packet
-d to indicate the destination
--dport to indicate the destination port number
--sport to indicate the source port number
There are various other flags, for which you can refer to the man page.
You can control the iptables service using the command:
service iptables start/stop/restart/status
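As an added example (not part of the original post), here is a small shell script that puts the chains, targets and flags above together into a default-deny INPUT ruleset. The iptables command is passed in as a parameter, so running the script with "echo iptables" prints the rules for review instead of applying them; the 192.0.2.0/24 admin network is a constructed value.

```shell
#!/bin/sh
# Added example: build a default-deny INPUT policy from the iptables
# concepts covered above (chains, targets, -A/-p/-s/--dport).
# Usage: ./rules.sh apply   -> runs the real iptables (needs root)
#        ./rules.sh         -> dry run, prints the commands instead

# Constructed value: the only network allowed to reach SSH.
ADMIN_NET="192.0.2.0/24"

# $1 is the command to run each rule with, e.g. "iptables" or "echo iptables".
apply_rules() {
    ipt="$1"

    # Flush INPUT so re-running the script is idempotent.
    $ipt -F INPUT

    # Default policies: drop unsolicited inbound and forwarded traffic,
    # allow outbound. Everything not matched below hits these policies.
    $ipt -P INPUT DROP
    $ipt -P FORWARD DROP
    $ipt -P OUTPUT ACCEPT

    # Loopback must always be accepted or local services break.
    $ipt -A INPUT -i lo -j ACCEPT

    # Replies to connections this host opened (conntrack match module).
    $ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # SSH only from the admin network: -p protocol, -s source, --dport port.
    $ipt -A INPUT -p tcp -s "$ADMIN_NET" --dport 22 -j ACCEPT

    # Web service reachable from anywhere.
    $ipt -A INPUT -p tcp --dport 80 -j ACCEPT

    # Log (rate-limited) what is about to fall through to the DROP policy,
    # so blocked traffic is visible in the kernel log.
    $ipt -A INPUT -m limit --limit 5/min -j LOG --log-prefix "IPT-DROP: "
}

# Number of -A INPUT rules a dry run produces; useful for sanity checks.
count_input_rules() {
    apply_rules "echo iptables" | grep -c ' -A INPUT '
}

case "${1:-dry-run}" in
    apply) apply_rules "iptables" ;;
    *)     apply_rules "echo iptables" ;;
esac
```

Review the dry-run output before using "apply"; because the INPUT policy is DROP, a missing ACCEPT rule locks out remote sessions.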