important iptables rules (Block domain,ip,redirect url, Redirect ports …… etc) FIREWALL

important iptables rules

###########################
Block website in iptables / Block domain in iptables

# iptables -A FORWARD ! -s 70.35.206.118/24 -m string –string “facebook.com” –algo bm –to 65535 -j DROP

-A FORWARD ! -s 70.35.206.0/24 -m string –string “facebook.com” –algo bm –to 65535 -j DROP

click here to watch video

________________________________________________________________________________________________

Block ip adress in iptables

Then you can block IP address 192.168.1.2 in the server with this command:

iptables -A INPUT -s 192.168.1.2 -j DROP

Then you can block outoging IP address 192.168.1.2 from the server with this command:

iptables -A OUTPUT -d 192.168.1.2 -j DROP

click here to watch video

_______________________________________________________________________

redirect url to another url /redirect domain to another domain

# iptables -t nat -I PREROUTING -p tcp –dport 80 -d 217.160.0.99 -j DNAT –to-destination 172.217.9.46
# iptables -t nat -I PREROUTING -p tcp –dport 443 -d 217.160.0.99 -j DNAT –to-destination 172.217.9.46

-A PREROUTING -d 217.160.0.99/32 -p tcp -m tcp –dport 443 -j DNAT –to-destination 172.217.9.46
-A PREROUTING -d 217.160.0.99/32 -p tcp -m tcp –dport 80 -j DNAT –to-destination 172.217.9.46

iptables-save
service iptables reload

click here to watch video

_________________________________________________________________________

open and block ports (open only 22 , 80 , 443 , 1723) in iptables

iptables -F
iptables -X
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m conntrack –ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m conntrack –ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -j ACCEPT
/sbin/iptables -A INPUT -p tcp –dport 22 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp –sport 22 -j ACCEPT
/sbin/iptables -A INPUT -p tcp –dport 80 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp –sport 80 -j ACCEPT
/sbin/iptables -A INPUT -p tcp –dport 443 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp –sport 443 -j ACCEPT
/sbin/iptables -A INPUT -p tcp –dport 1723 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp –sport 1723 -j ACCEPT
iptables -A INPUT -p gre -j ACCEPT
iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP

click here to watch video

________________________________________________________________________________________________

Redirect port to another port in iptables

sudo iptables -t nat -A OUTPUT -p tcp -m owner ! –uid-owner root –dport 143 -j REDIRECT –to-port 465

-A OUTPUT -p tcp -m owner ! –uid-owner 0 -m tcp –dport 143 -j REDIRECT –to-ports 465

click here to watch video

________________________________________________________________________________________________

allow all websites except (service-bestvpn.com ip :217.160.0.99 )- block all websites in iptables

iptables -I OUTPUT -p tcp -m tcp –dport 443 -j REJECT –reject-with icmp-port-unreachable
iptables -I OUTPUT -p tcp -m tcp –dport 80 -j REJECT –reject-with icmp-port-unreachable
iptables -I OUTPUT -p tcp -m tcp -d 217.160.0.99/32 –dport 80 -j ACCEPT
iptables -I OUTPUT -p tcp -m tcp -d 217.160.0.99/32 –dport 443 -j ACCEPT

click here to watch video

###############################################################

################Iptables Actions##################

##############################################################################

# sudo iptables -S _____________________________________ To list all IPv4 rules

sudo iptables -L (or) sudo iptables –list _____To list all tables rules

sudo iptables -F ____________________________________________to remove all iptables

The procedure to list all rules on Linux is as follows:

Open the terminal app or login using ssh:
ssh user@server-name
To list all IPv4 rules :
sudo iptables -S
To list all IPv6 rules :
sudo ip6tables -S
To list all tables rules :
sudo iptables -L -v -n | more
To list all rules for INPUT tables :
sudo iptables -L INPUT -v -n
sudo iptables -S INPUT

Viewing all iptables rules in Linux

The syntax is:

iptables -S
iptables --list
iptables -L
iptables -S TABLE_NAME
iptables --table NameHere --list
iptables -t NameHere -L -n -v --line-numbers

Print all rules in the selected chain

sudo iptables -S sudo iptables -S INPUT iptables -S OUTPUT

How to list rules for given tables

Type the following command as root user:
# iptables -L INPUT # iptables -L FORWARD # iptables -L OUTPUT # iptables -L

Let us try to understand rules:

target – Tell what to down when a packet matches the rule.
prot – The protocol for rule.
opt – Additional options for rule.
source – The source IP address/subnet/domain name.
destination – The destination IP address/subnet/domain name.

iptables–save > /etc/iptables/rules. v4 to save

Thank you so much.

Radwan daoud

_______________________________________________________________________

_________________________________________________________________________

###############################################################

Viewing all iptables rules in Linux

Print all rules in the selected chain

How to list rules for given tables

Leave a Reply Cancel reply