IpTables Firewall

About

iptables is a Firewall and NAT service.

The actual iptables rules are created and customized on the command line with the commands:

  • iptables for IPv4
  • and ip6tables for IPv6.

The iptables and ip6tables commands inspect and modify the tables of IPv4 and IPv6 packet filter rules in the Linux kernel.

firewalld is a service based on iptables, and the two conflict (they should not be installed on the same OS).

Management

Start / Stop

You can start, stop, and restart iptables after booting by using the commands:

service iptables stop
# or
systemctl stop iptables
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]

service iptables stop
Firewall is stopped.

Status

service iptables status
# or
systemctl status iptables

How to configure iptables to allow all connections to the Oracle Database

iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 0/0 --dport 1521 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 0/0 --sport 1521 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
service iptables save
service iptables restart

Verify that the listener of your database is up and running; otherwise you may get a network adapter error.

List

List the firewall rules

iptables --list
# or
iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             tcp dpts:6006:6009
ACCEPT     tcp  --  anywhere             anywhere             tcp dpts:6014:wrspice
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:pcsync-https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8185
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:6013
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:6005
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:pcsync-https
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:7180

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
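
As listed above, the ACCEPT rule for port 7180 comes after the catch-all REJECT in the INPUT chain, so a packet is rejected before that rule is evaluated; a rule appended with -A, like the Oracle rule on this page, lands in the same position. The script below is an added example, not part of the original page: it reads iptables -S output and reports rules that sit after such a catch-all. The sample ruleset is constructed to mirror the listing, and its -i lo match is an assumption (iptables -L without -v does not show interfaces).

```shell
#!/bin/sh
# Added example: report rules that sit after an unconditional terminal rule.
# Input: `iptables -S` output on stdin. Output: one line per unreachable rule.
find_shadowed_rules() {
  awk '
    $1 != "-A" { next }        # skip -P (policy) and -N (new chain) lines
    {
      chain = $2
      pos[chain]++
      if (chain in blocked_at) {
        printf "%s rule %d unreachable (rule %d is a catch-all): %s\n", \
               chain, pos[chain], blocked_at[chain], $0
        next
      }
      # A rule is a catch-all when nothing but the target (and its
      # --reject-with option) follows the chain name: no -p, -s, -i, -m ...
      spec = $0
      sub(/^-A [^ ]+ /, "", spec)
      if (spec ~ /^-j (ACCEPT|DROP|REJECT)( --reject-with [^ ]+)?$/)
        blocked_at[chain] = pos[chain]
    }
  '
}

# Constructed sample in `iptables -S` format, modelled on the listing above.
# Assumption: the bare "ACCEPT all" line of the listing is a loopback rule.
sample_rules() {
  cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 8185 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 7180 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
EOF
}

# On a live host (as root): iptables -S | find_shadowed_rules
sample_rules | find_shadowed_rules
```

A rule that must take effect on such a host has to be placed before the catch-all, for example with iptables -I INPUT <position> instead of -A.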
