Skip to main content

Mastering Iptable Command Line Usage Linux Networking

Some of the most useful commands related to iptable,


  1. To display filter table rules.
  2. #iptables -t filter -L

  3. To display nat table rules.
  4. #iptables -t nat -L

  5. To display raw table rules
  6. #iptables -t raw -L

  7. To display mangle table rules.
  8. #iptables -t mangle -L


    To delete all rules in the filter,nat,raw and mangle table.
    #iptables -t filter -D
    #iptables -t nat -D
    #iptables -t raw -D
    #iptables -t mangle -D

    Set up IP FORWARDing and Masquerading
    # iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
    The above rule will do source nating.
    ( It will set eth0 IP address as source address for all outgoing packets on interface eth0.)
    # iptables --append FORWARD --in-interface eth1 -j ACCEPT

Port forwading
# iptables -t nat -A PREROUTING -i eth0 -d --dport -j DNAT --to
The above rule will change the destinationIP:portnumber of the incoming packet to private.IP:portnum
Enabing the packet forward in the kernel with proc entry.
#echo 1 > /proc/sys/net/ipv4/ip_forward


iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different Netfilter modules) and the chains and rules it stores. Different kernel modules and programs are currently used for different protocols; iptables applies to IPv4, ip6tables to IPv6, arptables to ARP, and ebtables as a special for Ethernet frames.
source


Comments

Popular posts from this blog

Dotnet, .Net 3.5, 2.0, C# Interview Questions

Few questions on dotnet, C# 2.0, 3.5 On Object oriented concepts 1)What is inheritance with e.g 2)What is polymorphism -function overloading -Function overriding -virtual keyword use -Static keyword and use -Abstract classes -Interface -Object 3)What is threading and how do we use in realtime application(cognizant) 4)What is threadpooling, lock, monitor(write code sample) 5)Architecture of current project 6)Session state, diffrent types of state management. 7)What is Application_Start, how it works. 8)Type of authentication in asp.net 9)How to configure ASP.NET application. 10) What is Impersonation. 11) What is WebService, WSDL, UDDI, Discovery, asmx files. 12) How to implement WebService and use it. 13) When to use WebServices. 14) WPF, how to implement(BOA) 15) Testing concvepts. 16) Test attributes 17) Flow of Automation Test Method execution 18) Features of dotnet 3.5 19) CLR, garbage collection 20) Finally block 21) Manifest, Metadata, MSIL 22) Assemblies, Type of assemblies, str...

Linux SMB write performance With Simple Tips

SMB write performance can be increased by Tuning the buffer cache. The secret to good performance is to keep as much of the data in memory for as long as is possible. Writing to the disk is the slowest part of any filesystem. If you know that the filesystem will be heavily used, then you can tune this process for Linux Samba. writing out dirty blocks to the disk until the filesystem buffer cache is 80 percent full (80). default is 40%, source = http://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap29sec287.html by writing echo 80 > /proc/sys/vm/dirty_ratio I am getting around 2MB increase while write operation, tested in Xp. I have tried with this single option, as the ref source is for linux 2.2 and we are using 2.6 kernel. we can try out Linux General Optimization suggested at http://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/gen-optim.html Tried with smb.conf, I am getting around 1MB gain while read and write. socket options = TCP_NODELAY I...

The Linux Foundation Free Training Program at linuxfoundation

The Linux Foundation Training Program is: * For the Community, by the Community. The Linux Foundation is building the program with its Technical Advisory Board to ensure the content, instructors and classes are the top quality available. * Technically the most advanced. Since the Linux Foundation works directly with community developers, it can cover features and advances in Linux before commercial companies. * Connected. The Linux Foundation has unfettered access to the leading developers and companies in the Linux ecosystem and will use these connections to best position attendees for success. For example, attendees can attend the exclusive, invite-only Collaboration Summit where they can forge connections beneficial to their career. * Real World. The Linux Foundation training courses all have hands on components and a highly rigorous curriculum of programming or administration exercises. Graduates will be well equipped to master Linux programming and system administr...