IPTables — , Linux. . iptables, . .
IPTables Linux IPFW, BSD. , 2.4 Linux, Netfilter IPTables . .
IPTables
, . . PREROUTING. , . , , , TCP, FORWARD. , , INPUT, , . , OUTPUT. POSTROUTING.
. . , , .
. , — , . , .
, , . , , , ACCEPT, DROP, .
:
- PREROUTING. .
- INPUT. , .
- FORWARD. « », .
- OUTPUT. .
- POSTROUTING. .
, .
IPTables
, . IPTables IPTables. , , .
: iptables [-t ] [] [ ].
, ? . , filter. - -t. , , IPTables . «» , . «» , , .
IPTables
:
- Append (-A). , . , .
- Delete (-D). , . , .
- Rename-chain (-E). . , .
- Flush (-F). .
- Insert (-I). , .
- List (-L). Iptables. , filter .
- Policy (-P). .
- Replace (-R). , .
- Delete-chain (-X). . .
- Zero (-Z). .
:
- . . , , .
- . .
- . , , netfilter. -m.
, :
- Protocol (-p). .
- Source (-s). IP , . . , .
- Destination (-d). . , , .
- In-interface (-i). . NAT .
- Out-interface (-o). .
, IPTables nat? - «iptables -L -t nat». - «iptables -L -n -v». IPTables, . , , - «iptables -I INPUT 2 -s 202.54.1.2 -j DROP». , - «iptables -L INPUT -n --line-numbers».
, , 12.12.12.12 - «iptables -A INPUT -s 12.12.12.12 -j DROP».
iptables - «man iptables». - «iptables -j DROP -h».
Use IPTables commands with caution: a misconfiguration made out of ignorance can cause network failures or take the network down completely. Study the manuals and instructions in detail before configuring anything. In the right hands, IPTables can be turned into a reliable protector of network connections. System administrators actively use the utility to create connections isolated from unauthorized access.