
A powerful Linux firewall: iptables


Linux has an extremely powerful built-in firewall, referred to as iptables. It matches traffic on IP addresses, protocols (tcp, udp, icmp) and ports. Iptables places rules into predefined chains (INPUT, OUTPUT and FORWARD); network traffic is checked against the rules in the relevant chain, and traffic to or from the system is accepted or blocked according to the rule it matches.

1) You can list the iptables rules on the command prompt using the command below:-

iptables -nL

2) In case you would like to flush/remove the inbuilt iptables rules (this deletes the rules but leaves each chain's default policy as it is):-

iptables -F

After this, save the iptables rules to their file as below:-

/etc/init.d/iptables save

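3) Writing a basic rule to iptables for the INPUT chain for SSH on port 22. The target given after -j decides what happens to matching traffic: ACCEPT allows it and DROP blocks it. The rule below uses ACCEPT:

iptables -A INPUT -p tcp --dport 22 -j ACCEPT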

Similarly for the SMTP port 25:-

iptables -A INPUT -p tcp --dport 25 -j ACCEPT

After this, remember to save the rules as below:-

/etc/init.d/iptables save

If we don’t save the changes, then after restarting iptables or the system the rules will be gone.
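To check what a saved INPUT chain actually does with a port, the script below (an added example, not part of the original article) applies the chain's first-match order to rules in `iptables -S` format. The function name `verdict_for_port` and the sample ruleset are constructed for illustration, and only plain `-p tcp --dport N` rules are modelled; anything else is reported as UNSURE.

```shell
#!/bin/sh
# Added example, not from the original article. Reads `iptables -S` output on
# stdin and prints what the INPUT chain does with a new TCP connection to PORT.

# Constructed sample: the two ACCEPT rules from step 3, plus a DROP policy and
# a later DROP rule for port 25 that the earlier ACCEPT shadows.
SAMPLE_RULES='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j DROP'

verdict_for_port() {    # usage: verdict_for_port PORT < rules
    awk -v port="$1" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
        proto = dport = target = ""; other = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") { target = $(i + 1); break }
            else if ($i == "-p") proto = $(++i)
            else if ($i == "--dport") dport = $(++i)
            else if ($i == "-m" && $(i + 1) == "tcp") i++
            else other = 1              # a match this script does not model
        }
        if ($0 ~ / ! / || dport ~ /:/) other = 2    # negation or port range
        if (other < 2 && proto != "" && proto != "tcp") next
        if (other < 2 && dport != "" && dport != port) next
        if (target == "" || target == "LOG") next   # traversal continues
        # Unmodelled match or a jump to another chain: do not guess.
        if (other || target !~ /^(ACCEPT|DROP|REJECT)$/) target = "UNSURE"
        print target; done = 1; exit
    }
    END { if (!done) print (policy == "" ? "UNSURE" : policy) }
    '
}

# Rules are checked top to bottom and the first terminating match decides.
for p in 22 25 80; do
    printf 'tcp/%s -> %s\n' "$p" "$(printf '%s\n' "$SAMPLE_RULES" | verdict_for_port "$p")"
done
```

On a live system the same function can be fed with `iptables -S INPUT | verdict_for_port 22`.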

That’s all.
