IPTables: Introduction and Overview

Here is some text from the slides:

+ what is iptables?
iptables is the userspace command-line program used to configure the Linux packet filtering ruleset
+ a.k.a. firewall

a packet filter is a piece of software that looks at the headers of packets as they pass through, and decides the fate of the entire packet
+ control
allow only what you specify
+ security
protect against evil >:|
+ watchfulness
alerts of abnormal activity

traffic can be characterized by:
+ source and/or destination ip
trust certain hosts
+ source and/or destination port
allow specific services
+ protocol type
tcp, udp, icmp, etc…
+ additional parameters
e.g. state,

+ review: ports
Once a packet has reached its destination host, it is sent to a specific port.
+ about 65,000 available ports per host
+ the first 1024 are reserved for privileged processes such as daemons
+ /etc/services defines well-known ports
e.g. Telnet:23, FTP:21, HTTP:80

+ review: protocols
Represent the kind of traffic being sent.
+ tcp // transmission control protocol
maintains a connection between two hosts
+ udp // user datagram protocol
sends data statelessly, without
establishing a connection
+ icmp // internet control message protocol
administrative functions such as PING

+ basic operations
-L List the rules.
-I Insert a new rule before .
-A Append a new rule at end of chain.
-R Replace rule with new rule.
-D Delete rule .
-F Flush the chain (delete all rules).
-X Delete the chain


as default policy for chain.

Specify table. default is
-j Jump to chain target
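
An added example (not from the slides): a small default-deny INPUT ruleset that uses the operations listed above and matches on source ip, port, protocol and state. The addresses are constructed documentation addresses, and the `IPT` dry-run variable and the function names are assumptions of this example. Rules are checked in order and the first match decides, which is why the block rule is inserted with -I rather than appended with -A.

```shell
#!/bin/sh
# Added example. By default this only prints the commands (dry run).
# To apply them, run as root with IPT=iptables in the environment.
IPT="${IPT:-echo iptables}"
TRUSTED_HOST="192.0.2.10"    # constructed address: admin workstation

build_ruleset() {
    # -F: start from an empty INPUT chain
    $IPT -F INPUT
    # -A: allow loopback traffic
    $IPT -A INPUT -i lo -j ACCEPT
    # state: accept replies to connections this host opened
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # source ip + protocol + port: SSH only from the trusted host
    $IPT -A INPUT -p tcp -s "$TRUSTED_HOST" --dport 22 -j ACCEPT
    # protocol + port: HTTP for everyone
    $IPT -A INPUT -p tcp --dport 80 -j ACCEPT
    # protocol: allow ping
    $IPT -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
    # watchfulness: log (rate limited) whatever falls through
    $IPT -A INPUT -m limit --limit 5/min -j LOG --log-prefix "INPUT drop: "
    # -P: set the default policy last, once the ACCEPT rules exist
    $IPT -P INPUT DROP
}

block_host() {
    # -I at position 1: the DROP must sit before the ACCEPT rules.
    # Appended with -A it would come after the HTTP rule and never
    # match that host's port 80 traffic.
    $IPT -I INPUT 1 -s "$1" -j DROP
}

unblock_host() {
    # -D: delete the rule by repeating its specification
    $IPT -D INPUT -s "$1" -j DROP
}

build_ruleset
block_host 198.51.100.7      # constructed address
```
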