An Iptables Eulogy, Part 1: Introduction


Joe Purcell Posted by

If Scapy is the most powerful tool for network admins, iptables is the most handy. This tutorial, or eulogy rather, serves to help the reader transcend the disturbing complexity of such a simple idea: routing IP traffic.

A reader advanced in iptables would perhaps be better served reading Oskar Andreasson’s Iptables Tutorial (other formats). Oskar has been involved in writing the tutorial for many years. Though the last revision was in late 2006, iptables has not changed enough to hinder the concepts and procedures he explains. Even so, this eulogy should at the very least be worth the entertainment.

For those unaware, it is appropriate to mention that Netfilter who develops iptables is a longstanding team of developers who have contributed code since 1998. Though iptables is for Linux, even admins who use mostly Windows often have a Linux firewall, and in the case of Windows only, at least the concepts of IP routing will be of benefit.

And now, without further ado, (drumroll please…) — iptables! Iptables is an administration tool for IPv4 packet filtering and NAT. This little tool can make packets leap tall buildings, be in two places at once, or even disappear! Iptables is the place where magic happens!

Have you ever wanted to block brute force attacks, blacklist IP addresses, send “knocks” to open secret ports on your server, reroute port 9001 to 80, limit the number of connections to a port, or limit the amount of time a port is open? Iptables can do all of this and more.

Next, we will take an overview of what makes up iptables and how to use it. That will give some substance to this eulogy. In the mean time, we will leave you in awe with one of iptable’s wonders: the auto-updating IP blacklist! Behold!

wget -qO - http://infiltrated.net/blacklisted|awk '!/#|[a-z]/&&/./{print "iptables -A INPUT -s "$1" -j DROP"}'

This little snippet of code is found on Linuxaria and uses the blacklist published by infiltrated.net which is updated hourly.

About the Author: Joe Purcell is a technology virtuoso, cyberspace frontiersman, and connoisseur of Linux, Mac, and Windows alike.

Comments are closed.