IPTABLES Interview Questions

How to disable IPTABLES?

==================
# service iptables save
# service iptables stop
# chkconfig iptables off

How to clear all rules in IPTABLES?

=====================================
# Set the default policies to ACCEPT first, so that flushing rules over a remote session cannot lock you out
# iptables -P INPUT ACCEPT
# iptables -P OUTPUT ACCEPT
# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X

How to enable IPTABLES?

===================
# /etc/init.d/iptables start
# chkconfig iptables on
# iptables-save > /root/working.fw

How to restore rules in IPTABLES?

=============
# iptables-restore < /root/firewall.rules   # load the rules stored in the file
# iptables-save > /root/firewall.rules      # write the current rules to the file

How to list the rules in IPTABLES?

# iptables --list
# iptables -L

How to list the NAT rules in IPTABLES?

# iptables -t nat -L
# iptables -t nat -L -n -v | grep 'some-word'
# iptables -t nat -L -n -v

How to delete IPTABLES rules?

# iptables --flush          # delete the rules in all chains
# iptables --flush OUTPUT   # delete the rules in one particular chain

Some basic IPTABLES rules

=============
Interface level:
# Allow all incoming packets on an interface
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -i eth0 -j ACCEPT   # accepts everything arriving on eth0; rules appended after it never see that traffic
# Accept packets from a trusted IP address
# iptables -A INPUT -s 192.168.0.4 -j ACCEPT   # change the IP address as appropriate
# Accept packets from a trusted network
# iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT   # using standard slash notation
# iptables -A INPUT -s 192.168.0.0/255.255.255.0 -j ACCEPT   # using a subnet mask
# Accept tcp packets on destination port 6881 (bittorrent)
# iptables -A INPUT -p tcp --dport 6881 -j ACCEPT
# Accept tcp packets on destination ports 6881-6890
# iptables -A INPUT -p tcp --dport 6881:6890 -j ACCEPT

Rules for SSH:

===========
# Accept tcp packets on destination port 22 (SSH)
# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Accept tcp packets on destination port 22 (SSH) from private LAN
# iptables -A INPUT -p tcp -s 192.168.0.0/24 --dport 22 -j ACCEPT
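
iptables evaluates a chain top to bottom and stops at the first ACCEPT, so a LAN-only SSH rule has no effect when an interface-wide ACCEPT such as the eth0 rule above sits earlier in the same chain. The script below is an added example, not part of the original page: it scans iptables-save output for rules shadowed in this way. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: report rules that can never match traffic on an interface
# because an earlier interface-wide ACCEPT in the same chain already took it.

# Constructed sample in iptables-save format, built from the rules on this page.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -s 192.168.0.4/32 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 6881:6890 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Usage: iptables-save | find_shadowed eth0
# Prints "<line> shadowed by <line>: <rule>" for each shadowed rule.
find_shadowed() {
    awk -v ifc="$1" '
    $1 == "-A" {
        chain = $2; iface = ""; target = ""; other = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-i")      { iface = $(i + 1); i++ }
            else if ($i == "-j") { target = $(i + 1); i++ }
            else                 other++   # any further match narrows the rule
        }
        if (chain in wide && (iface == "" || iface == ifc))
            # An earlier wide ACCEPT exists and this rule applies to the interface.
            printf "%d shadowed by %d: %s\n", NR, wide[chain], $0
        else if (target == "ACCEPT" && iface == ifc && other == 0)
            # The only match is the input interface: everything on it is accepted.
            wide[chain] = NR
    }'
}

# Stand-alone run against the constructed sample.
sample_rules | find_shadowed eth0
```

The numbers in the output are line numbers within the iptables-save text, so they can be looked up directly in a saved rules file.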