2.8.3. Using IPTables
The first step in using iptables is to start the iptables service. Use the following command as the root user to start the iptables service:
service iptables restart
iptables: Applying firewall rules: [ OK ]
The ip6tables service can be turned off if you intend to use the iptables service only. If you deactivate the ip6tables service, remember to deactivate the IPv6 network also. Never leave a network device active without the matching firewall.
To force iptables to start by default when the system is booted, use the following command as the root user:
chkconfig --level 345 iptables on
This forces iptables to start whenever the system is booted into runlevel 3, 4, or 5.
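The note above warns against leaving a network device active without the matching firewall. The following check is an added example, not part of the original guide: it lists non-loopback devices that hold an IPv6 address while ip6tables is not running. The function names and the sample data are constructed for illustration; the input format is that of /proc/net/if_inet6.

```shell
#!/bin/sh
# Added example: find devices with IPv6 addresses that have no ip6tables cover.

# Print each non-loopback device that has an IPv6 address.
# $1: file in /proc/net/if_inet6 format:
#     address ifindex prefixlen scope flags device
ipv6_devices() {
    awk '$6 != "lo" { print $6 }' "$1" | sort -u
}

# $1: if_inet6-format file
# $2: state of the ip6tables service, "running" or "stopped"
# Prints one line per unprotected device; returns 1 if any were found.
check_ipv6_firewall() {
    [ "$2" = "running" ] && return 0
    devs=$(ipv6_devices "$1")
    [ -z "$devs" ] && return 0
    for d in $devs; do
        echo "UNPROTECTED: $d has an IPv6 address but ip6tables is $2"
    done
    return 1
}

# Constructed sample input (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
00000000000000000000000000000001 01 80 10 80 lo
fe800000000000000a0027fffe4e66a1 02 40 20 80 eth0
fe800000000000000a0027fffe4e66a1 02 40 20 80 eth0
EOF

# Demonstration on the sample; "|| true" keeps the script's exit status clean.
check_ipv6_firewall "$sample" stopped || true

# On a live system, as root (assumes the ip6tables init script returns
# non-zero from "status" when the firewall is not running):
#   service ip6tables status >/dev/null 2>&1 && state=running || state=stopped
#   check_ipv6_firewall /proc/net/if_inet6 "$state"
```

A non-zero return means either ip6tables should be started or IPv6 should be disabled on the listed devices.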
2.8.3.1. IPTables Command Syntax
The following sample iptables command illustrates the basic command syntax:
The -A option specifies that the rule be appended to <chain>. Each chain consists of one or more rules, and is therefore also known as a ruleset.
The three built-in chains are INPUT, OUTPUT, and FORWARD. These chains are permanent and cannot be deleted. The chain specifies the point at which a packet is manipulated.
The -j <target> option specifies the target of the rule; i.e., what to do if the packet matches the rule. Examples of built-in targets are ACCEPT, DROP, and REJECT.
Refer to the iptables man page for more information on the available chains, options, and targets.