In this post we will learn how to save iptables rules permanently on Ubuntu. We will use the package called iptables-persistent.
Step 1 – Update repositories.
root@mail:/# apt-get update
root@mail:/# apt-get upgrade
Step 2 – Install iptables-persistent
root@mail:/# apt-get install iptables-persistent
Step 3 – The screen shown below is for selecting IPv4.
auto eth0
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
gateway 192.168.0.254
dns-nameservers 8.8.8.8
Step 6 – Make the iptables rules permanent. Open the network config file with nano /etc/network/interfaces and add the following line at the end. This line is for IP version 4; if you want, you can add one for IP version 6 as well.
pre-up iptables-restore < /etc/iptables/rules.v4
Step 7 – If you want to block a single IP address, you can execute the following command.
root@mail:/# iptables -I INPUT 1 -s 192.168.1.111/32 -j DROP
Step 8 – If you want to block an IP address range, you can execute the following command.
root@mail:/# iptables -I INPUT 1 -s 192.168.0.0/16 -j DROP
Step 9 – If you want to block an IP address range but allow access from one IP address within that range, you can execute the following commands. The ACCEPT rule is inserted at position 1, above the DROP rule at position 2, so it is matched first.
root@mail:/# iptables -I INPUT 1 -s 192.168.1.15/32 -j ACCEPT
root@mail:/# iptables -I INPUT 2 -s 192.168.0.0/16 -j DROP
Step 10 – Save iptables
root@mail:/# iptables-save > /etc/iptables/rules.v4
Step 11 – Show iptables
root@mail:/# iptables -L -n --line-numbers
Chain INPUT (policy ACCEPT)
     target     prot opt source               destination
1    ACCEPT     all  --  192.168.1.15         0.0.0.0/0
2    DROP       all  --  192.168.0.0/16       0.0.0.0/0
3    DROP       all  --  192.168.0.0/16       0.0.0.0/0
4    DROP       all  --  192.168.1.111        0.0.0.0/0
Step 12 – Delete an IP address from iptables. You need the line number of the rule for that IP address, as shown in the listing from Step 11. For example, I will remove 192.168.1.111.
root@mail:/# iptables -D INPUT 4
Step 13 – Save iptables again.
root@mail:/# iptables-save > /etc/iptables/rules.v4
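Step 9 and the listing in Step 11 depend on rule order, because iptables stops at the first rule that matches. The following sketch is an added example, not part of the original post: it replays that first-match logic over rules in iptables-save format. The function names and the sample rules are constructed here, and only -s and -j are interpreted.

```sh
# Added example: which INPUT rule does a source IPv4 address hit first?
# Assumption: only "-s ADDR[/LEN]" and "-j TARGET" are interpreted.

# Dotted quad -> integer (subshell body keeps IFS and set -f local).
ip2int() (
    IFS=.; set -f; set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# in_cidr IP NET[/LEN]: succeeds when IP lies inside the network.
in_cidr() {
    net=${2%/*}; len=32
    case $2 in */*) len=${2#*/} ;; esac
    [ "$len" -eq 0 ] && return 0
    mask=$(( (0xFFFFFFFF << (32 - $len)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "$1") & $mask )) -eq $(( $(ip2int "$net") & $mask )) ]
}

# first_match IP: rules on stdin; prints first matching target, else policy.
first_match() (
    ip=$1; policy=ACCEPT; set -f
    while read -r line; do
        case $line in
            ":INPUT "*) policy=${line#:INPUT }; policy=${policy%% *} ;;
            "-A INPUT "*)
                src=0.0.0.0/0; target=
                set -- $line
                while [ $# -ge 2 ]; do
                    case $1 in
                        -s) src=$2; shift ;;
                        -j) target=$2; shift ;;
                    esac
                    shift
                done
                if [ -n "$target" ] && in_cidr "$ip" "$src"; then
                    echo "$target"; exit 0
                fi ;;
        esac
    done
    echo "$policy"
)

# Constructed sample mirroring Step 9 (ACCEPT host above DROP range).
sample_rules() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '-A INPUT -s 192.168.1.15/32 -j ACCEPT' \
        '-A INPUT -s 192.168.0.0/16 -j DROP' 'COMMIT'
}

sample_rules | first_match 192.168.1.15   # ACCEPT
```

Running first_match 192.168.1.15 < /etc/iptables/rules.v4 after Step 13 checks the saved file itself, so an ordering mistake shows up before the rules are restored at the next boot.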