iptables for Dummies.

hack3rcon · 01-04-2017, 07:52 AM

Hello.
I like to learn iptable and write my rules but I guess it is hard to learn. I found some documents but...I need a cheat sheet that explain it for me from basic. For example, Tell me what does "A","p","m" mean, "dport" and "state", "j","i","FORWARD","OUTPUT" and...

Any idea?

Thank you.

hazel · 01-04-2017, 11:00 AM

Have you googled for this? I quickly found this guide which explains most of the arguments you list. It tells you what "states" are too.

Turbocapitalist · 01-04-2017, 11:32 AM

Try to gradually acclimate to the manual pages in cases like this. It's a good reference document where you can look up things like that quickly.

Code:

man iptables
man iptables-extensions
man man

You can search a manual page with / and ? for forward and backward searches respectively. Don't worry about trying to read the whole manual page, it's a reference not a novel.

JockVSJock · 01-04-2017, 01:23 PM

Probably the best guide, past down to me by unSpawn.

http://linuxtopia.org/Linux_Firewall...les/index.html

Turbocapitalist · 01-04-2017, 01:41 PM

Quote:

Originally Posted by JockVSJock

Probably the best guide, past down to me by unSpawn.

http://linuxtopia.org/Linux_Firewall...les/index.html

That one is 2005, there is a 2006 version here : https://www.frozentux.net/documents/iptables-tutorial/

It has a good amount of background material. But it's a bit out of date in regards to the options and the manual pages are more authoritative in regards to the options themselves.

jmccue · 01-06-2017, 11:24 AM

I would say unless you have a real reason to learn iptables, I would probably learn Nftables (wikioedia) instead. I heard that is suppose to replace iptables someday. BTW I am far from an expert on either, but this is what I have been hearing

hack3rcon · 01-08-2017, 07:53 AM

Quote:

Originally Posted by hazel

Have you googled for this? I quickly found this guide which explains most of the arguments you list. It tells you what "states" are too.

In your idea it is most???

hack3rcon · 01-08-2017, 07:55 AM

Quote:

Originally Posted by jmccue

I would say unless you have a real reason to learn iptables, I would probably learn Nftables (wikioedia) instead. I heard that is suppose to replace iptables someday. BTW I am far from an expert on either, but this is what I have been hearing

You right but manual!!!

salasi · 01-08-2017, 09:04 AM

Quote:

Originally Posted by jmccue

I would say unless you have a real reason to learn iptables, I would probably learn Nftables (wikioedia) instead. I heard that is suppose to replace iptables someday.

Emphasis on the 'someday'. I've been hearing that since around 2009 or so, and there really isn't a definitive timetable for it to happen, as far as I know. There was a brief flurry of activity around when it looked like Xtables might make the great leap forward, but recently not so much.

Unless you really have some more info about when Nftables might become mainstream, I wouldn't put off learning iptables for it.

As far as references are concerned the 'frozentux' one is good (but somewhere between a manual and a tutorial...and not a short piece of work that you'll finish reading over coffee), and the iptables man pages are among the better man pages, being more readable than most.

If you'd prefer reading through someone's worked example, I'm also fond of this in spite of it being relatively old now.

lazydog · 01-09-2017, 10:05 AM

I'll second the link that Turbocapitalist posted. This is what I used to learn IPTABLES back in the day. today you will need to look at the man pages also to get an up to date view of the new commands.