IPTables: Difference between revisions

No edit summary
 
(15 intermediate revisions by the same user not shown)
Line 14: Line 14:


==IPTables » Allow SSH » Flush==
==IPTables » Allow SSH » Flush==
<syntaxhighlight lang="properties">
<syntaxhighlight lang="bash">
sudo su
sudo su
mkdir -p ${HOME}/.config/iptables/
mkdir -p /etc/iptables/
iptables-save  > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
 
ls -alh ${HOME}/.config/{iptables,ufw}/
ls -alh ${HOME}/.config/{iptables,ufw}/*
 
BACKUP_DATE_TIME="$(date +'%Y%m%d-T%H%M')-Z$(date +'%z'|tr '+-' 'PM')"
BACKUP_DATE_TIME="$(date +'%Y%m%d-T%H%M')-Z$(date +'%z'|tr '+-' 'PM')"
stat -c "%a %n" /etc/ufw/{before,before6,user,user6,after,after6}.rules
mkdir -p ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/
iptables-save  > ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
iptables-save  > ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
ip6tables-save > ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6
ip6tables-save > ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6


ls -alh ${HOME}/.config/{iptables,ufw}/
ls -alh ${HOME}/.config/{iptables,ufw}/*
# disable ufw
ufw disable
# restrict any request
iptables -P INPUT DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -P OUTPUT ACCEPT
# flush all rules
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t raw -F
iptables -t raw -X
# allow ssh request only
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -F
 
# check rules
iptables -S
iptables -L -n -v
 
# iptables-restore  < /etc/iptables/rules.v4
# ip6tables-restore < /etc/iptables/rules.v6


# iptables-restore  < ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
# iptables-restore  < ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
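Review bot: In the new `restrict any request` block, `iptables -P INPUT DROP` is applied before the flush and before the only ACCEPT rule (`--dport 22`) is appended, so the host has no accepting rule at all until the last command runs, and the final state still has no loopback or `ESTABLISHED,RELATED` rule — with OUTPUT ACCEPT, replies to the host's own outbound connections (DNS, apt) are dropped on INPUT. ip6tables is saved to rules.v6 but its policies are never changed, so the lockdown is IPv4-only; if IPv6 is enabled on the host that should be stated or mirrored. A safer order is to leave the policies at ACCEPT, flush, append the accept rules, then set the DROP policies last, as below; the `${HOME}` paths presumably resolve under /root after `sudo su`, which is worth a comment too.
```shell
# disable ufw
ufw disable

# keep the policies open while flushing so no window is left without an ACCEPT rule
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

# … unchanged: flush of filter/nat/mangle/raw …

# allow loopback, replies to the host's own connections, and ssh
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# restrict everything else (set last)
iptables -P INPUT DROP
iptables -P FORWARD DROP
```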
Line 32: Line 66:


==IPTables » Allow SSH » Flush All==
==IPTables » Allow SSH » Flush All==
<syntaxhighlight lang="properties">
<syntaxhighlight lang="bash">
sudo su
sudo su
mkdir -p /etc/iptables/
iptables-save  > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
ls -alh ${HOME}/.config/{iptables,ufw}/
ls -alh ${HOME}/.config/{iptables,ufw}/*
BACKUP_DATE_TIME="$(date +'%Y%m%d-T%H%M')-Z$(date +'%z'|tr '+-' 'PM')"
BACKUP_DATE_TIME="$(date +'%Y%m%d-T%H%M')-Z$(date +'%z'|tr '+-' 'PM')"
stat -c "%a %n" /etc/ufw/{before,before6,user,user6,after,after6}.rules
stat -c "%a %n" /etc/ufw/{before,before6,user,user6,after,after6}.rules
Line 45: Line 86:
${HOME}/.config/ufw/${BACKUP_DATE_TIME}/
${HOME}/.config/ufw/${BACKUP_DATE_TIME}/


# default filter policies
ls -alh ${HOME}/.config/{iptables,ufw}/
ls -alh ${HOME}/.config/{iptables,ufw}/*
 
# disable ufw
ufw disable
 
# allow any request
iptables -P INPUT ACCEPT
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P FORWARD ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT


# flush & delete custom chains
# flush all rules
iptables -F
iptables -F
iptables -X
iptables -X
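Review bot: The new side sets INPUT, OUTPUT and FORWARD to ACCEPT directly after `ufw disable` and then flushes every chain, so from this point until the commented `ufw enable` or an `iptables-restore` is run the host does no packet filtering at all, and nothing in the section says so. Suggest stating it above the policy lines, e.g. `# after this block nothing is filtered until ufw is re-enabled or a saved ruleset is restored`. The section's restore steps continue in the following hunk.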
Line 60: Line 106:
iptables -t raw -F
iptables -t raw -F
iptables -t raw -X
iptables -t raw -X
# allow ssh request only
# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# check rules
iptables -S
iptables -L -n -v
ufw status numbered
# iptables-restore  < /etc/iptables/rules.v4
# ip6tables-restore < /etc/iptables/rules.v6


# iptables-restore  < ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4
# iptables-restore  < ${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4

Latest revision as of 21:23, 20 January 2025

IPTables » Flush

Command Effect
sudo iptables -t nat -F Flush NAT Table Rules: To flush rules from the nat table
sudo iptables -F INPUT Flush a Specific Chain: For example, to flush only the INPUT chain
sudo ip6tables -F Flush IPv6 IPTables (if applicable): If you’re working with IPv6 IPTables (ip6tables)
sudo iptables -F Flush All Rules: This command flushes all IPTables rules across all chains of the default filter table; the nat, mangle and raw tables are flushed separately with -t, as in the first row

IPTables » Allow SSH » Flush

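# IPTables » Allow SSH » Flush
# Interactive transcript: `sudo su` opens a root shell and the remaining lines
# are typed into it (run as a non-interactive script they would only execute
# once that shell exits). Back up the live rulesets, disable ufw, reset the
# IPv4 filter so that only tcp/22 is accepted on INPUT, then print the result.
sudo su

# system-wide backup (the location iptables-persistent uses on Debian-family systems)
mkdir -p /etc/iptables/
iptables-save  > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6

# NOTE(review): after `sudo su` ${HOME} normally resolves to /root, so the
# per-user backups below land in root's home — confirm that is intended.
ls -alh "${HOME}"/.config/{iptables,ufw}/
ls -alh "${HOME}"/.config/{iptables,ufw}/*

# backup folder stamp, YYYYMMDD-THHMM-Z<P|M>hhmm: the '+'/'-' sign of the UTC
# offset is replaced by P/M
BACKUP_DATE_TIME="$(date +'%Y%m%d-T%H%M')-Z$(date +'%z'|tr '+-' 'PM')"
# record the current modes of the ufw rule files (octal mode, name)
stat -c "%a %n" /etc/ufw/{before,before6,user,user6,after,after6}.rules

# per-user timestamped backup
mkdir -p "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/"
iptables-save  > "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4"
ip6tables-save > "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6"

ls -alh "${HOME}"/.config/{iptables,ufw}/
ls -alh "${HOME}"/.config/{iptables,ufw}/*

# disable ufw before managing the tables by hand
ufw disable

# keep the policies open while flushing so the host is never left with a DROP
# policy and no ACCEPT rule; the DROP policies are set last, below
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

# flush all rules and delete user-defined chains in every table
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t raw -F
iptables -t raw -X

# allow ssh request only
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# restrict any request: final state accepts only tcp/22 on IPv4 INPUT
iptables -P INPUT DROP
iptables -P FORWARD DROP

# NOTE(review): this is IPv4 only — ip6tables is backed up above but its
# policies and rules are left as they were. The IPv4 set also has no loopback
# or ESTABLISHED,RELATED rule, so replies to the host's own outbound
# connections (DNS, apt) are dropped on INPUT; if that is unintended, append
#   iptables -A INPUT -i lo -j ACCEPT
#   iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# before setting the DROP policies.

# check rules
iptables -S
iptables -L -n -v

# roll back from the system-wide backup ...
# iptables-restore  < /etc/iptables/rules.v4
# ip6tables-restore < /etc/iptables/rules.v6

# ... or from the per-user timestamped backup
# iptables-restore  < "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4"
# ip6tables-restore < "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6"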

IPTables » Allow SSH » Flush All

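# IPTables » Allow SSH » Flush All
# Interactive transcript: `sudo su` opens a root shell and the remaining lines
# are typed into it. Back up the iptables and ufw state, then reset the IPv4
# filter to a fully open, empty ruleset. Until the commented `ufw enable` or
# restore lines at the end are run, the host does no packet filtering at all.
sudo su

# system-wide backup (the location iptables-persistent uses on Debian-family systems)
mkdir -p /etc/iptables/
iptables-save  > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6

# NOTE(review): after `sudo su` ${HOME} normally resolves to /root, so the
# per-user backups below land in root's home — confirm that is intended.
ls -alh "${HOME}"/.config/{iptables,ufw}/
ls -alh "${HOME}"/.config/{iptables,ufw}/*

# backup folder stamp, YYYYMMDD-THHMM-Z<P|M>hhmm: the '+'/'-' sign of the UTC
# offset is replaced by P/M
BACKUP_DATE_TIME="$(date +'%Y%m%d-T%H%M')-Z$(date +'%z'|tr '+-' 'PM')"
# record the current modes of the ufw rule files (octal mode, name); the
# commented chmod at the end puts them back after a restore
stat -c "%a %n" /etc/ufw/{before,before6,user,user6,after,after6}.rules

# per-user timestamped backup of the netfilter rulesets
mkdir -p "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/"
iptables-save  > "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4"
ip6tables-save > "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6"

# and of the ufw rule files themselves
mkdir -p "${HOME}/.config/ufw/${BACKUP_DATE_TIME}/"
rsync -avz /etc/ufw/{before,before6,user,user6,after,after6}.rules \
  "${HOME}/.config/ufw/${BACKUP_DATE_TIME}/"

ls -alh "${HOME}"/.config/{iptables,ufw}/
ls -alh "${HOME}"/.config/{iptables,ufw}/*

# disable ufw before managing the tables by hand
ufw disable

# allow any request: with ACCEPT policies the flush below cannot lock the
# session out, but nothing is filtered from here on
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

# flush all rules and delete user-defined chains in every table
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t raw -F
iptables -t raw -X

# allow ssh request only (commented: redundant while the INPUT policy is ACCEPT)
# iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# check rules; ufw should report inactive after the disable above
iptables -S
iptables -L -n -v
ufw status numbered

# roll back the packet filter from the system-wide backup ...
# iptables-restore  < /etc/iptables/rules.v4
# ip6tables-restore < /etc/iptables/rules.v6

# ... or from the per-user timestamped backup
# iptables-restore  < "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v4"
# ip6tables-restore < "${HOME}/.config/iptables/${BACKUP_DATE_TIME}/rules.v6"

# restore the ufw rule files, their modes, and re-enable ufw
# rsync -avz "${HOME}/.config/ufw/${BACKUP_DATE_TIME}"/*.rules /etc/ufw/
# chmod 640 /etc/ufw/{before,before6,user,user6,after,after6}.rules
# ufw enable

iptables -S
ufw status numbered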

Playground

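# Playground: ad-hoc inspection commands collected while debugging the
# firewall; run them one at a time, not as a script. Typos fixed:
# `suod` -> `sudo`, `tracerout` -> `traceroute`.

# sockets and installed packages (netstat is legacy; the ss lines below are
# the current equivalent)
netstat -uap|grep nginx
apt list --installed
sudo iptables -S
netstat -lpn
netstat -a
sudo ss -tulpn | grep LISTEN | grep resolve
sudo ss -tulpn | grep LISTEN | grep minio
sudo ss -tulpn | grep LISTEN | grep sshd
sudo ss -tulwn | grep LISTEN
sudo ss -tulpn | grep LISTEN
sudo lsof -i -P -n | grep LISTEN
sudo ss -tulpn     | grep LISTEN

# firewall / routing configuration files
ls -lah /etc/iptables/
ls -lah /etc/iproute2/
ls -lah /etc/ufw/

# reachability checks against the author's own hosts
nc   vpn.shahed.biz -uv 1194 # udp
nc   vpn.shahed.biz -tv 80   # tcp
nc   vpn.shahed.biz -tv 53   # tcp
nc   localhost -uv 1194      # udp
nc   localhost -tv 80        # tcp
nmap localhost -sT           # tcp
nmap localhost -sU           # udp

# service logs
sudo journalctl -xeu ufw.service
sudo journalctl -xeu iptables
sudo journalctl -xeu nftables
systemctl daemon-reload
journalctl -xe|less
journalctl -xe|tail
journalctl -xe

# minikube: gateway used to reach the minikube node
sudo -i -u minikube
echo "$(ip r g "$(minikube ip)" | awk '{print $3}' | head -n1)"

sudo nmap vpn.shahed.biz -sU -sT -p U:1194,T:22,53,443

nmap mail.chorke.org --packet-trace -p 587 -vv -sT
traceroute mail.chorke.org

apt install inetutils-traceroute
apt install nmap
systemctl status iptables
systemctl status nftables
sudo ip6tables-save > /etc/iptables/rules.v6
sudo iptables-save > /etc/iptables/rules.v4

# filter table, per chain
sudo iptables -S FORWARD -v
sudo iptables -S OUTPUT  -v
sudo iptables -S INPUT   -v
sudo iptables -L FORWARD -v
sudo iptables -L OUTPUT  -v
sudo iptables -L INPUT   -v
sudo iptables -L FORWARD -v --line-numbers
sudo iptables -L OUTPUT  -v --line-numbers
sudo iptables -L INPUT   -v --line-numbers

# nat table
sudo iptables -S -t nat -v
sudo iptables -S -t nat
sudo iptables -L -t nat -v
sudo iptables -L -t nat
sudo iptables -L -t nat -v --line-numbers
sudo iptables -L -t nat    --line-numbers

# networking restart, ARP and routes (192.168.49.0/24 is the minikube network)
sudo systemctl restart networking
sudo iptables -L --line-numbers
iptables --version
sudo nmap -sP 192.168.49.0/24
sudo arp  -d  192.168.49.100
arp -n
sudo arp -s 192.168.49.100 02:42:c0:a8:31:02
kubectl get nodes -o wide
ip route show

nmap vpn.shahed.biz --reason -Pn --top 20
nmap vpn.shahed.biz --reason -Pn -p25,465,587,993

# authentication / kernel logs and account checks
sudo tail -n100 -f /var/log/auth.log
sudo tail -n100 -f /var/log/kern.log
sudo grep nobody /etc/shadow
last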

References