IPTables Setup: Case Studies

Linux, Linux , . IPTables — Linux .

, Linux, . , Ip- . , , . , , . , IPTables.

IPTables

Linux. , SSH, HTTP, . , . IPTables :

  1. INPUT.
  2. FORWARD.
  3. OUTPUT.

Linux , Debian, Ubuntu, CentOS Fedora. IPTables . , . , , .





Firewall and IPTables Basics




, :

  1. SSH.
  2. .
  3. Http-.

SSH , No 1, Http- - , No2, No3.

IPTables : . . — . , , , .

, . , . , .

IPTables . . , . , . , , - . , .





. , .

:

  1. PREROUTING . INPUT, FORWARD.
  2. - , .
  3. FORWARD - , . , .
  4. OUTPUT - , .
  5. POSTROUTING .

IPTables CentOS 7 . , , . , INPUT, FORWARD, OUTPUT .

Linux , . , , . , .

IPTables CentOS 7. , , , . , , , .

IPTables Ubuntu Server, , /etc/sysconfig . IPTables .

Download system configuration settings




next boot step




, . . INPUT, FORWARD OUTPUT ACCEPT. , , , .

. , , . INPUT FORWARD. . , IPTables, , .

IPTables Linux , Linux . . , , Ip- , . , IPTables .

Packet flow checked by IPTables




"" ( ) , "" ( ) . "" . , , Web Proxy. , "" "". IPTables Nat . , - .

"" , "" . .

Rules for the chain




, IP- IP . , . , IP- IP "". Ip-, Ip- , , IP- .

-

Debian IPTables, , IPTables.

Creating a rule set




, , . . , , , . :

  1. A — . INPUT, FORWARD OUTPUT, , , INPUT, .
  2. L - .
  3. M conntrack - ctstate.
  4. Ctstate - .
  5. Dport - , .
  6. J - . IPTables Ubuntu : ACCEPT — ; REJECT — ; DROP — ; LOG — . --log-prefix --log-level .
  7. Log-prefix — , . .
  8. Log-level — syslog.
  9. I — , .

( Linux) . , , . . /etc/network/iptables :

sudo nano /etc/network/iptables

:

Setting firewall rules




IPTables [Ctrl] + [X]> Y> [Enter]. IPTables:

sudo iptables-restore /etc/network/iptables

, , :

sudo iptables-save

DNS-

- SSH, , . , , , 80 443 -.

DNS resolution




DNS , FTP, , , UDP, TCP. DNS, Centos IPTables, TCP UDP.

DNS-, .

— IPTables , . , DNS . : X domain, Y TLD. X - , Y - TLD.

iptables to block packages




IP-

, . IP- IP-.

IP range




, , 80. IP 192.168.123.0/24. , .

IPTables , . , 80, iprange 80. 3 INPUT — , . - , ip.

Linux IPTables . Red Hat Live IPTables, init. /etc/sysconfig/iptables. init , .

: # /etc/init.d/iptables save

ip_conntrack_ftp, /etc/sysconfig/iptables-config , :

# vi /etc/sysconfig/iptables-config

iptables / ip6tables , . . . , , .

, iptables-save iptables-restore, . : iptables-save > iptables.rules. . , : iptables-restore.

, , IPTables — . , RHEL CentOS, «iptables-services», : sudo yum install iptables-services.

iptables-save/restore . , .

Asterisk IP-

AsteriskNOW — CentOS Asterisk FreePBX. - « » Asterisk, . , root, Asterisk, CentOS , Asterisk , FreePBX Pin- . Asterisk SIP.

:

  1. DNS Ip-, , YOUR_HOSTNAME.no-ip.com.
  2. Asterisk , . Ip- .
  3. IPTables :
Asterisk Protection




IPTables Asterisk , , Ip-. , , , .

INPUT, . FORWARD , . OUTPUT , .



