Differences

This shows you the differences between two versions of the page.

--- firewall:firewall [2022/08/15 00:07] – jc
+++ firewall:firewall [2023/04/23 19:40] (current) – jc
@@ Line 1: / Line 1: @@
-====== Firewall ======
+<markdown>
-===== iptables =====
+# Firewall
-Accept SSH connection to the input chain.
+## iptables
-<code bash>iptables -I INPUT -s <subnet>/<mask> -p tcp --dport 22 -j ACCEPT</code>
+Accept SSH connections destined to 10.0.0.0/24.
-Deny SSH connection to the input chain.
+``` bash
+iptables -I INPUT -s 10.0.0.0/24 -p tcp --dport 22 -j ACCEPT
+```
-<code bash>iptables -A INPUT -p tcp --dport 22 -j DROP</code>
+Deny all SSH connections.
+``` bash
+iptables -A INPUT -p tcp --dport 22 -j DROP
+```
 Rewrite the source address (SNAT) of packets egressing eth0 to 192.168.1.1.
-<code bash>iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.1.1</code>
+``` bash
+iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.168.1.1
+```
 Rewrite the destination address (DNAT) 192.168.1.1 of a packet ingressing eth0 to the destination 192.168.2.2.
-<code bash>iptables -t nat -A PREROUTING -i eth0 -d 192.168.1.1 -j DNAT --to-destination 192.168.2.2</code>
+``` bash
+iptables -t nat -A PREROUTING -i eth0 -d 192.168.1.1 -j DNAT --to-destination 192.168.2.2
+```
 Masquerade (NAT) all packets egressing interface wlan0.
-<code bash>sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE</code>
+``` bash
+iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
+```
 Save iptables rules.
-<code bash>iptables-save -f </path/to/file> </code>
+``` bash
+iptables-save -f </path/to/file>
+```
+## ebtables
+## firewalld
+## nftables
+</markdown>

生まれ変わる - umarekawaru

User Tools

Site Tools

Differences

Page Tools