Donny's Blog
iptables basic
iptables basic

iptables basic

Tech
Donny Donny
December 27, 2018
December 27, 2018
171
-
iptablesroutefilter
sudo iptablesnatlistoutput

Tags in blue are handcrafted tags; Tags in green are generated using AutoTag.

List

# list filter table
sudo iptables -L

# list nat table
sudo iptables -L -t nat

Redirect

# Redirect locally
sudo iptables -A OUTPUT -t nat -p tcp --src 127.0.0.1 --dport 80 -j REDIRECT --to-port 8080

# Redirect in LAN
sudo iptables -A PREROUTING -t nat -p tcp --src 10.42.0.0/24 --dst 10.42.0.1 --dport 80 -j REDIRECT --to-port 8080

Filter

# Reject with ICMP-port-unreachable.
sudo iptables -A OUTPUT --dst www.bing.com -j REJECT 

# Drop and hang up the connection.
sudo iptables -A OUTPUT --dst www.bing.com -j DROP

Package flow paths

Package flow paths (from iptables - Wikipedia):

Netfilter Packet Flow

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License .
Original Link: https://blog.ny-do.com/posts/6879787938/