-
What are the 3 chains available in iptables?
INPUT, OUTPUT, and FORWARD
-
If no rules are matched, what happens?
The default rule is executed. This can be an ACCEPT (which will allow all packets) or DROP (which will reject all packets). The default rule should be set for all 3 chains (INPUT, OUTPUT, and FORWARD).
-
How do you list all rules?
iptables -L
-
If you are going to clear all rules, what must you do first?
Set the default input policy to accept all?
-
How do you set the default input policy to accept all packets?
iptables -P INPUT ACCEPT. If you are flushing all rules over SSH, you must set this to the default input policy. Otherwise you will be locked out.
-
How do you flush all rules?
iptables -F
-
Explain "iptables -A INPUT -i lo -j ACCEPT"
Append (-A) an INPUT rule that allows (ACCEPT) all incoming packets on the loopback (lo) interface (-i).
-
Explain "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
For all incoming packets that are a part of an established or related connection (ie, NOT NEW), accept them
-
What rule would allow you to work over SSH?
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
-
How do you set the default input policy to reject all packets?
iptables -P INPUT DROP
-
Explain "iptables -P FORWARD DROP"
Drop all packets to be forwarded. Only used if computer is being used as a router.
-
Explain "iptables -P OUTPUT ACCEPT"
Allow all outgoing packets
-
How do you save rules after making changes?
service iptables save
-
What flag allows filtering for a single IP address?
-s
-
What are the 3 IP formats that the -s flag accepts?
single IP address, CIDR, or netmask.
-
What flags allow for mac filtering
-m (module) mac --mac-source MAC_ADDRESS
-
Before you accept or reject a specific port, what must you do first?
Define the protocol (tcp, udp, icmp, all) using the -p option
-
What flag defines a specific destination port?
-dport
-
What flag defines a source port?
-sport
-
What are the 3 tables in iptables?
packet mangling, filtering, and NATing tables
|
|
