IPTables

From Chorke Wiki
Jump to navigation Jump to search

IPTables » Flush

Command Effect
sudo iptables -t nat -F Flush NAT Table Rules: To flush rules from the nat table
sudo iptables -F INPUT Flush a Specific Chain: For example, to flush only the INPUT chain
sudo ip6tables -F Flush IPv6 IPTables (if applicable): If you’re working with IPv6 IPTables (ip6tables)
sudo iptables -F Flush All Rules: This command flushes all IPTables rules across all chains

IPTables » Allow SSH » Flush

sudo su
mkdir -p /etc/iptables/
iptables-save  > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6

ls -alh ${HOME}/.config/{iptables,ufw}/
ls -alh ${HOME}/.config/{iptables,ufw}/*

BACKUP_DATE_TIME="$(date +'%Y%m%d-T%H%M')-Z$(date +'%z'|tr '+-' 'PM')"
stat -c "%a %n" /etc/ufw/{before,before6,user,user6,after,after6}.rules

mkdir -p ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/
iptables-save  > ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
ip6tables-save > ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6

# disable ufw
ufw disable

# restrict any request
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# flush all rules
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t raw -F
iptables -t raw -X

# allow ssh request only
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# check rules
iptables -S
iptables -L -n -v

# iptables-restore  < /etc/iptables/rules.v4
# ip6tables-restore < /etc/iptables/rules.v6

# iptables-restore  < ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
# ip6tables-restore < ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6

IPTables » Allow SSH » Flush All

sudo su
mkdir -p /etc/iptables/
iptables-save  > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6

ls -alh ${HOME}/.config/{iptables,ufw}/
ls -alh ${HOME}/.config/{iptables,ufw}/*

BACKUP_DATE_TIME="$(date +'%Y%m%d-T%H%M')-Z$(date +'%z'|tr '+-' 'PM')"
stat -c "%a %n" /etc/ufw/{before,before6,user,user6,after,after6}.rules

mkdir -p ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/
iptables-save  > ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
ip6tables-save > ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6

mkdir -p ${HOME}/.config/ufw/${BACKUP_DATE_TIME}/
rsync -avz /etc/ufw/{before,before6,user,user6,after,after6}.rules \
${HOME}/.config/ufw/${BACKUP_DATE_TIME}/

ls -alh ${HOME}/.config/{iptables,ufw}/
ls -alh ${HOME}/.config/{iptables,ufw}/*

# disable ufw
ufw disable

# allow any request
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

# flush all rules
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t raw -F
iptables -t raw -X

# allow ssh request only
# iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# check rules
iptables -S
iptables -L -n -v
ufw status numbered

# iptables-restore  < /etc/iptables/rules.v4
# ip6tables-restore < /etc/iptables/rules.v6

# iptables-restore  < ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
# ip6tables-restore < ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6

# rsync -avz ${HOME}/.config/ufw/${BACKUP_DATE_TIME}/*.rules /etc/ufw/
# chmod 640 /etc/ufw/{before,before6,user,user6,after,after6}.rules
# ufw enable

iptables -S
ufw status numbered

Playground

netstat -uap|grep nginx
apt list --installed
sudo iptables -S
netstat -lpn
netstat -a

sudo ss -tulpn | grep LISTEN | grep resolve
sudo ss -tulpn | grep LISTEN | grep minio
sudo ss -tulpn | grep LISTEN | grep sshd
sudo ss -tulwn | grep LISTEN
sudo ss -tulpn | grep LISTEN

sudo lsof -i -P -n | grep LISTEN
sudo ss -tulpn     | grep LISTEN
ls -lah /etc/iptables/
ls -lah /etc/iproute2/
ls -lah /etc/ufw/

nc   vpn.shahed.biz -uv 1194 # udp
nc   vpn.shahed.biz -tv 80   # tcp
nc   vpn.shahed.biz -tv 53   # tcp
nc   localhost -uv 1194      # udp
nc   localhost -tv 80        # tcp
nmap localhost -sT           # tcp
nmap localhost -sU           # udp

suod journalctl -xeu ufw.service
sudo journalctl -xeu iptables
sudo journalctl -xeu nftables
systemctl daemon-reload
journalctl -xe|less
journalctl -xe|tail
journalctl -xe

sudo -i -u minikube
echo $(ip r g $(minikube ip)|awk '{print $3}'|head -n1)

sudo nmap vpn.shahed.biz -sU -sT -p U:1194,T:22,53,443

nmap mail.chorke.org --packet-trace -p 587 -vv -sT
tracerout mail.chorke.org

apt install inetutils-traceroute
apt install nmap

systemctl status iptables
systemctl status nftables

sudo ip6tables-save > /etc/iptables/rules.v6
sudo iptables-save > /etc/iptables/rules.v4

sudo iptables -S FORWARD -v
sudo iptables -S OUTPUT  -v
sudo iptables -S INPUT   -v

sudo iptables -L FORWARD -v
sudo iptables -L OUTPUT  -v
sudo iptables -L INPUT   -v

sudo iptables -L FORWARD -v --line-numbers
sudo iptables -L OUTPUT  -v --line-numbers
sudo iptables -L INPUT   -v --line-numbers

sudo iptables -S -t nat -v
sudo iptables -S -t nat

sudo iptables -L -t nat -v
sudo iptables -L -t nat

sudo iptables -L -t nat -v --line-numbers
sudo iptables -L -t nat    --line-numbers

sudo systemctl restart networking
sudo iptables -L --line-numbers
iptables --version

sudo nmap -sP 192.168.49.0/24
sudo arp  -d  192.168.49.100
arp -n

sudo arp -s 192.168.49.100 02:42:c0:a8:31:02
kubectl get nodes -o wide
ip route show

nmap vpn.shahed.biz --reason -Pn --top 20
nmap vpn.shahed.biz --reason -Pn -p25,465,587,993

sudo tail -n100 -f /var/log/auth.log
sudo tail -n100 -f /var/log/kern.log

sudo cat /etc/shadow|grep nobody
last

References

Retrieved from "https://cdn.chorke.org/weke/index.php?title=IPTables&oldid=13973"