Iptables

From CLONWiki
Revision as of 15:34, 15 May 2025 by Boiarino

IPTABLES

Show tables:

iptables -vL -t filter
iptables -vL -t nat
iptables -vL -t mangle
iptables -vL -t raw
iptables -vL -t security

Only the first two seem relevant. Clear them:

iptables -t filter -F
iptables -t nat -F
 

Apply the needed settings (we assume the local network port is 'enp_bond' and the uplink port is 'em1'):

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i enp_bond -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o em1 -j MASQUERADE
iptables -A FORWARD -i em1 -o enp_bond -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i enp_bond -o em1 -j ACCEPT

Save rules and restart service:

iptables-save > /etc/sysconfig/iptables
systemctl enable iptables
systemctl start iptables
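
To check the saved result, the following added example (not part of the original wiki page) audits an `iptables-save` dump for the NAT and forwarding rules set above and reports chains whose default policy is still ACCEPT. The function names and the sample dump are constructed for illustration; the dump assumes the policies were never changed.

```shell
#!/bin/sh
# Added example: audit an `iptables-save` dump against the rules set on this page.
LAN=enp_bond   # local network port, as assumed on the page
WAN=em1        # uplink port, as assumed on the page

# Constructed sample dump; policies are assumed to be ACCEPT (flushing with -F
# does not change a chain's policy, and the page never sets one).
sample_dump() {
cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o em1 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i enp_bond -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i em1 -o enp_bond -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i enp_bond -o em1 -j ACCEPT
COMMIT
EOF
}

# Print the policy of chain $2 in table $1 (dump on stdin).
chain_policy() {
  awk -v t="*$1" -v c=":$2" '/^\*/ {cur=$0} cur==t && $1==c {print $2}'
}

# Succeed if table $1 contains exactly the rule line $2 (dump on stdin).
has_rule() {
  awk -v t="*$1" -v r="$2" '/^\*/ {cur=$0} cur==t && $0==r {f=1} END {exit !f}'
}

# Print one finding per line for the dump on stdin; no output means no findings.
audit() {
  dump=$(cat)
  printf '%s\n' "$dump" | has_rule nat "-A POSTROUTING -o $WAN -j MASQUERADE" ||
    echo "missing: MASQUERADE on $WAN"
  printf '%s\n' "$dump" | has_rule filter "-A FORWARD -i $LAN -o $WAN -j ACCEPT" ||
    echo "missing: forward $LAN -> $WAN"
  for c in INPUT FORWARD; do
    if [ "$(printf '%s\n' "$dump" | chain_policy filter "$c")" = ACCEPT ]; then
      echo "open: $c policy is ACCEPT, unmatched packets are accepted too"
    fi
  done
}

sample_dump | audit
```

On the gateway itself, feed the live ruleset to the same function with `iptables-save | audit` (as root) instead of the sample dump.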