Iptables Commands for Linux Networking

Some of the most useful commands related to iptables to control the interface of network.

Display filter table rules.
#iptables -t filter -L

Display nat table rules.
#iptables -t nat -L

Display raw table rules
#iptables -t raw -L

Display mangle table rules.
#iptables -t mangle -L

Delete all rules in the filter,nat,raw and mangle table.
#iptables -t filter -D
#iptables -t nat -D
#iptables -t raw -D
#iptables -t mangle -D

Set up IP FORWARDing and Masquerading
# iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
The above rule will do source nating.
( It will set eth0 IP address as source address for all outgoing packets on interface eth0.)
# iptables –append FORWARD –in-interface eth1 -j ACCEPT

Port forwading
# iptables -t nat -A PREROUTING -i eth0 -d –dport -j DNAT –to

The above rule will change the destinationIP:portnumber of the incoming packet to private.IP:portnum
Enabing the packet forward in the kernel with proc entry.

#echo 1 > /proc/sys/net/ipv4/ip_forward

iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different Netfilter modules) and the chains and rules it stores. Different kernel modules and programs are currently used for different protocols; iptables applies to IPv4, ip6tables to IPv6, arptables to ARP, and ebtables as a special for Ethernet frames.

 

Leave a Reply