A Question about iptables
I'm new to Linux and this is my first post here, and I'm looking for answers to some of my questions.
Here are the defaults of my iptables:

target     prot opt source        destination
ACCEPT     all  --  0.0.0.0/0     0.0.0.0/0     state RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0     0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0     0.0.0.0/0
ACCEPT     tcp  --  0.0.0.0/0     0.0.0.0/0     state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0     0.0.0.0/0     reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source        destination
REJECT     all  --  0.0.0.0/0     0.0.0.0/0     reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source        destination

I know how iptables works in general, but what I can't understand is:
1- Why are the source and destination 0.0.0.0/0?
2- What does the following mean:
2.1- reject-with icmp-host-prohibited
2.2- state RELATED,ESTABLISHED
2.3- state NEW tcp dpt:22
3- What is ICMP? I know it is an Internet protocol, but what is the use of it / when do I use it? Which applications or services use it? I tried googling this but I got lost.
Thanks in advance; I will really appreciate detailed answers.
1 - It means "everything". Literally, it represents a subnet on 0.0.0.0 with a 0-bit subnet mask, which will match everything.
2.1 - Drop the connection and send an ICMP Host Prohibited message back.
2.2 - Allow connections which are already established or related to established connections.
2.3 - Allow new connections on TCP port 22 (that's SSH).
3 - It's Internet Control Message Protocol; it's the protocol pings use, and it is used to send low-level technical messages. So, so much more on Wikipedia and the like; just have a search.
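
An added example (not part of the original thread): a small Python model of the INPUT chain listed in the question, showing first-match rule evaluation and why 0.0.0.0/0 matches any address. The `iface` field on the third rule is an assumption: `iptables -L` without `-v` hides the interface column, and the stock RHEL/CentOS rule set restricts that rule to loopback. The sample packets are constructed.

```python
import ipaddress

# INPUT chain from the listing in the question, in order. Only the source
# column is modelled; the destination column is matched the same way.
# "iface" is an ASSUMPTION (see lead-in): plain `iptables -L` hides it.
INPUT_CHAIN = [
    {"target": "ACCEPT", "prot": "all", "src": "0.0.0.0/0", "states": {"RELATED", "ESTABLISHED"}},
    {"target": "ACCEPT", "prot": "icmp", "src": "0.0.0.0/0"},
    {"target": "ACCEPT", "prot": "all", "src": "0.0.0.0/0", "iface": "lo"},
    {"target": "ACCEPT", "prot": "tcp", "src": "0.0.0.0/0", "states": {"NEW"}, "dport": 22},
    {"target": "REJECT", "prot": "all", "src": "0.0.0.0/0", "reject_with": "icmp-host-prohibited"},
]

def cidr_matches(cidr, addr):
    """True when addr is inside cidr; a /0 prefix compares zero bits, so it always matches."""
    return ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)

def rule_matches(rule, pkt):
    """Every condition present on the rule must hold for the packet."""
    if rule["prot"] not in ("all", pkt["prot"]):
        return False
    if not cidr_matches(rule["src"], pkt["src"]):
        return False
    if "states" in rule and pkt["state"] not in rule["states"]:
        return False
    if "iface" in rule and pkt["iface"] != rule["iface"]:
        return False
    if "dport" in rule and pkt.get("dport") != rule["dport"]:
        return False
    return True

def evaluate(pkt, chain=INPUT_CHAIN, policy="ACCEPT"):
    """Return (rule number, target) of the first matching rule, else the chain policy."""
    for number, rule in enumerate(chain, start=1):
        if rule_matches(rule, pkt):
            return number, rule["target"]
    return None, policy

# Constructed sample packets (source addresses are documentation ranges).
SAMPLES = {
    "new SSH connection": {"prot": "tcp", "src": "203.0.113.7", "iface": "eth0", "state": "NEW", "dport": 22},
    "new HTTP connection": {"prot": "tcp", "src": "203.0.113.7", "iface": "eth0", "state": "NEW", "dport": 80},
    "reply to outbound request": {"prot": "tcp", "src": "198.51.100.9", "iface": "eth0", "state": "ESTABLISHED", "dport": 51514},
    "ping (ICMP echo request)": {"prot": "icmp", "src": "192.0.2.44", "iface": "eth0", "state": "NEW"},
    "local service on loopback": {"prot": "tcp", "src": "127.0.0.1", "iface": "lo", "state": "NEW", "dport": 5432},
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        number, target = evaluate(pkt)
        print(f"{name}: rule {number} -> {target}")
```

On the real system, `iptables -L INPUT -v -n` shows the interface column that the listing in the question omits.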