Overview:
0) Introduction & Intention
This write-up is intended to be a simple walkthrough for Linux netfilter, and is written more like a cheatsheet than a tutorial. It covers a basic explanation of netfilter terminology, basic iptables commands for configuring netfilter, some example rules, and a few additional capabilities.
1) Description
Explanation of netfilter, and iptables vs ip6tables
what are chains
actions
default policies
basic structure of a command
2) IPTables Commands
3) Connection States
4) Making Rulesets Persistent
5) Example Rulesets
6) Additional Options
Brute-Force Protection
Ban by Geolocation
Fail2Ban
7) Closing Thoughts
This cheatsheet should hopefully give you a solid understanding of what Linux netfilter is, and how to use the iptables command for basic configuration. It is important to always keep in mind that your needs and your environment will determine which, if any, of these recommendations work for you. You should always keep your threat model in mind when implementing configuration changes, and never blindly follow advice on the internet. Remember: Trust, but verify! Do you think I missed something? Did a step not work? Could this simply be the most bestest article you've ever seen on the interwebz? Feel free to stop by the channel and let us know what you think. You can send your flames or flattery for this article to PrettyKittie via IRC or email.
8) Additional Resources & Recommended Reading
- The #NetFilter IRC channel on Freenode
- Additional NetFilter links and tutorials