What is IPTables and define its structure?


IPTables:

iptables is a rule-based firewall system. It comes preinstalled on most Linux systems, where it controls outgoing and incoming packets. By default it runs without any rules; you can add, edit, and create your own rules. iptables is a front-end tool to the kernel's packet filtering.

Structure of IPTables:

IPTables organizes its rules in a chain structure:

Tables -> Chains -> Rules

The tables used in the IPTables structure are:

I. Filter Table:

The filter table is the default table, so rules do not need to name a table to use it. Three inbuilt chains are available in the filter table.

· INPUT Chain:

This chain manages packets coming in to the server. Rules added here control the server's incoming connections.

· FORWARD Chain:

This chain manages packets that are routed from one network interface to another on the same system.

· OUTPUT Chain:

This chain controls packets that leave the server for the outside. Rules added here manage the connections the server makes to the outside.


II. NAT Table:

NAT stands for Network Address Translation, which modifies the network addresses carried in Internet Protocol packets. The addresses are modified while the packets are in transit across a traffic-routing device. The NAT table has three chains: the PREROUTING chain, the POSTROUTING chain and the OUTPUT chain.

III. Mangle Table:

The mangle table is used to alter packets. It contains the following inbuilt chains:

OUTPUT Chain, PREROUTING Chain, FORWARD Chain, INPUT Chain and POSTROUTING Chain.


Default Configuration file For IPTables:

You can set a default configuration for IPTables. The rules are saved in “/etc/sysconfig/iptables”, and you can change and edit them there. If you want to change how the init script behaves, edit the second configuration file, “/etc/sysconfig/iptables-config”, whose settings are described below.
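
The rules file named above stores the Tables -> Chains -> Rules structure as text in the iptables-save format: `*table` opens a table, `:CHAIN POLICY [counters]` declares a chain with its default policy, `-A CHAIN ...` appends a rule, and `COMMIT` closes the table. The parser below is an added example, not part of the original article; the sample ruleset and the function names `parse_ruleset` and `policy_only_chains` are constructed for illustration.

```python
# Constructed sample in the iptables-save format (not taken from a real host).
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

def parse_ruleset(text):
    """Return {table: {chain: {"policy": str, "rules": [str, ...]}}}."""
    tables, current = {}, None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):        # "*filter" opens a table
            current = tables.setdefault(line[1:], {})
        elif line == "COMMIT":          # closes the current table
            current = None
        elif current is None:
            raise ValueError(f"line {lineno}: rule outside a table: {line!r}")
        elif line.startswith(":"):      # ":INPUT DROP [0:0]" declares a chain
            name, policy = line[1:].split()[:2]
            current[name] = {"policy": policy, "rules": []}
        elif line.startswith("-A "):    # "-A INPUT ..." appends a rule
            chain, _, spec = line[3:].partition(" ")
            if chain not in current:
                raise ValueError(f"line {lineno}: undeclared chain {chain!r}")
            current[chain]["rules"].append(spec)
        else:
            raise ValueError(f"line {lineno}: unrecognised line: {line!r}")
    return tables

def policy_only_chains(tables):
    """Chains with no rules, where the default policy alone decides."""
    return [(t, c, v["policy"]) for t, chains in tables.items()
            for c, v in chains.items() if not v["rules"]]

if __name__ == "__main__":
    for table, chains in parse_ruleset(SAMPLE).items():
        print(table, {c: (v["policy"], len(v["rules"])) for c, v in chains.items()})
```

Reviewing the output of `policy_only_chains` shows which chains have no rules at all, so their handling of traffic depends entirely on the default policy.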


IPTABLES_MODULES:

IPTABLES_MODULES holds a space-separated list of NAT helper modules.


IPTABLES_MODULES_UNLOAD:

It controls whether modules are unloaded when the firewall is stopped and started.


IPTABLES_SAVE_ON_STOP:

This setting saves the current firewall rules when the firewall is stopped.


IPTABLES_SAVE_ON_RESTART:

It saves the current firewall rules when the firewall is restarted.


IPTABLES_SAVE_COUNTER:

It saves and restores the rule and chain counters.


IPTABLES_STATUS_NUMERIC:

It makes the status output numeric.


IPTABLES_STATUS_VERBOSE:

It makes the status output verbose.


IPTABLES_STATUS_LINENUMBERS:

It makes the status output include line numbers.


IPTABLES_SYSCTL_LOAD_LIST:

It reloads the sysctl settings on start and restart.

Author: Jaishree