A very interesting command
iptables -L
Lets you see the list of rules
iptables -S
Lists the rules in a form very similar to the command line (in case you want to imitate a rule)
Dropping outbound port or host
iptables -I OUTPUT -d 192.168.1.22 -j DROP
-I for inserting a rule
OUTPUT to select outbound rules
-d to select the destination
-j to select the action on the packet
Deactivating iptables on CentOS 7
service firewalld stop
Editing the ports in firewalld
vi /etc/firewalld/zones/public.xml
Removing a rule
iptables -D OUTPUT -d 192.168.1.22 -j DROP
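Added example, not part of the original post: because `iptables -S` prints rules in command form, a small shell function can turn that listing into the matching -D commands for one destination. The function name delete_cmds_for and the sample rules are constructed for illustration; the commands are printed for review, not executed.

```shell
# SAMPLE_RULES is constructed `iptables -S` output, not captured from a real host.
SAMPLE_RULES='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 8009 -j ACCEPT
-A OUTPUT -d 192.168.1.22/32 -j DROP
-A OUTPUT -d 192.168.1.23/32 -j DROP'

# delete_cmds_for CHAIN DEST  (hypothetical helper)
# Reads `iptables -S` output on stdin and prints one `iptables -D ...`
# command for every rule in CHAIN whose -d destination is DEST.
# iptables -S shows a single host as DEST/32, so both forms are accepted.
# Negated matches (! -d DEST) are skipped.
delete_cmds_for() {
    chain=$1
    dest=$2
    awk -v chain="$chain" -v dest="$dest" '
        $1 == "-A" && $2 == chain {
            for (i = 3; i < NF; i++) {
                if ($i == "-d" && $(i-1) != "!" &&
                    ($(i+1) == dest || $(i+1) == (dest "/32"))) {
                    $1 = "-D"            # same rule spec, delete instead of append
                    print "iptables " $0
                    next
                }
            }
        }'
}

# Print the delete commands for the constructed sample.
# On a live host, replace the printf with: iptables -S
printf '%s\n' "$SAMPLE_RULES" | delete_cmds_for OUTPUT 192.168.1.22
```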
Adding a rule
iptables -A INPUT -p tcp --dport 8009 -j ACCEPT
or
iptables -A INPUT -p tcp --dport 8009 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
A list of interesting commands for configuring the firewall in CentOS 7
firewall-cmd --state
view status of firewalld service (systemctl status firewalld)
firewall-cmd --zone=public --list-all
gets all info for the “public” zone
firewall-cmd --list-all-zones
shows all info for all zones
firewall-cmd --zone=public --add-port=80/tcp --permanent
adds port 80 to public zone
firewall-cmd --zone=public --add-service=http --permanent
adds service http to public zone
firewall-cmd --reload
run this after making changes
firewall-cmd --zone=public --remove-port=80/tcp --permanent
to remove port 80 from public zone
firewall-cmd --get-default-zone
shows default zone for firewall
firewall-cmd --get-active-zones
zones where network interfaces or sources are assigned