IPTables Tips and Tricks - Revision history

Kalebl at 04:57, 17 July 2015

2015-07-17T04:57:56Z

Kalebl at 04:55, 17 July 2015

2015-07-17T04:55:16Z

Kalebl at 04:53, 17 July 2015

2015-07-17T04:53:53Z

Kalebl: Created page with "Category:TipsAndTricks ==Connecting to Server== These commands are ran in a shell session. You can connect to a shell session using the following suggestions depending on..."

2015-07-17T04:45:34Z

Created page with "Category:TipsAndTricks ==Connecting to Server== These commands are ran in a shell session. You can connect to a shell session using the following suggestions depending on..."

New page

[[Category:TipsAndTricks]]
==Connecting to Server==
These commands are ran in a shell session. You can connect to a shell session using the following suggestions depending on your operation system. 
=====Windows=====
[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html PuTTY] or [http://www.mremoteng.org/download mRemoteNG]
=====Mac or Linux=====
Open up terminal and run the following line, replacing "'''servername'''" with the IP address of the server, or it's hostname. 
<code>ssh root@servername</code> 
 
Note: If the server has SSH running on a port other then port 22, you can specify the port number like in the example below. 
<code>ssh root@servername -p 22</code>
==Common Commands==
===Open Port===
Opening a port in IP tables only takes one command. Below is an example of the to allow a port. replace "'''80'''" with the port number you wish to open. 
<code>iptables -A INPUT -p tcp --dport 80 -j ACCEPT</code>

===Close Port===
Closing a port in IP tables is much like opening a port. Below is an example of the to block a port. replace "'''80'''" with the port number you wish to block. 
<code>iptables -A INPUT -p tcp --dport 80 -j DROP</code>

===List Active Rules===
Listing the active rules will output and of the entries in IP tables, as well as what chain the entries are listed under, and the default policy for that chain. 
<code>iptables -L</code> 
 
If you want to search for something specific, such as an IP address or a hostname, you can append a "'''| grep x'''" (Seen in the example below) to the rule to filter for the string you are looking for. 
<code>iptables -L | grep 123.45.67.89</code>

===Delete Rule===
Deleting a rule requires a little bit more work than the other options. You will need to first list the IP tables entries, and find: 
[1]: The chain that the rule is located in. 
[2]: The number of the rule in the chain. 
 
This can be done by running: 
<code>iptables -L --line-numbers</code> 
 
If the output is to long to be able to see it all, run the following, and it will put the output into "Less" a text reader which you can scroll through with the arrow keys. 
<code>iptables -L --line-numbers | less</code> 
 
Once you find the rule's chain name.
Chain Name
|
Chain DENYIN (1 references)
And the rules number id in that chain.
Rule Number
|
5 DROP all -- 127.0.0.1 anywhere
you can piece the delete commend together like this: 
Chain Name Rule Number
| |
iptables -D DENYIN 5

After deleting the rule, you should be able to list the IP tables rule's again, <code>iptables -L --line-numbers</code> and find that the rule number is missing, or has another rule in its place. IP tables will move all the rules lower that the deleted rule up in the list to compensate for the rule being removed.

@@ Line 1: / Line 1: @@
-[[Category:Linux VPS]]
+[[Category:Linux-VPS]]
 ==Connecting to Server==
 These commands are ran in a shell session. You can connect to a shell session using the following suggestions depending on your operation system.<br />

@@ Line 1: / Line 1: @@
-[[Category:TipsAndTricks]]
+[[Category:Linux VPS]]
 ==Connecting to Server==
 These commands are ran in a shell session. You can connect to a shell session using the following suggestions depending on your operation system.<br />

← Older revision		Revision as of 04:53, 17 July 2015
Line 51:		Line 51:

	After deleting the rule, you should be able to list the IP tables rule's again, <code>iptables -L --line-numbers</code> and find that the rule number is missing, or has another rule in its place. IP tables will move all the rules lower that the deleted rule up in the list to compensate for the rule being removed.		After deleting the rule, you should be able to list the IP tables rule's again, <code>iptables -L --line-numbers</code> and find that the rule number is missing, or has another rule in its place. IP tables will move all the rules lower that the deleted rule up in the list to compensate for the rule being removed.
		+
		+	''Keywords: iptables, IP Tables, ip tables, tips and tricks''