Scribd Logo
Upload

Welcome to Scribd!

  • Ejercicios Iptables

    Uploaded by

    Jonnathan Isla Lara
    2K views2 pages

    Original Title

    Ejercicios iptables

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    2K views2 pages

    Ejercicios Iptables

    Uploaded by

    Jonnathan Isla Lara

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    IPTABLES - EJEMPLOS iptables A iptables D iptables P iptables R iptables L iptables F -p -s -d -o -i --sport --dport -j Agrega una regla Elimina una

    regla Politica por defecto Reemplazar una ragla Lista las reglas actuales Elimina todas las reglas

    Potocolo (tcp,icmp,udp,etc) Ip fuente Ip destino Interfaz de salida (ethx, lo, etc) Interfaz de entrada (ethx, lo, etc) Puerto o rango de puertos fuente Puerto o rango de puertos destino Accin a tomar ( ACCEPT o DROP, Aceptar o Denegar,REJECT)

    iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP

    PROTOCOLO: Iptables A INPUT -p tcp -s 10.19.1.0/24 -j ACCEPT Iptables A INPUT -p tcp,udp -s 10.19.1.0/24 -j ACCEPT # prot. Tcp,udp Iptables A INPUT -p ! tcp -s 10.19.1.0/24 -j ACCEPT # prot dif. a tcp

    DIRECCIONES IP FUENTE Y DESTINO:


    iptables A INPUT -s 10.19.1.0/255.255.255.0 -j ACCEPT iptables A INPUT -s 10.19.1.0/24 -j ACCEPT iptables A INPUT -s ! 10.19.1.0/24 -j ACCEPT iptables A INPUT -d 10.19.1.0/24 -j ACCEPT

    PUERTO FUENTE Y DESTINO:


    Iptables -A INPUT - p udp --sport 53 -j ACCEPT Iptables -A INPUT - p tcp,udp --sport 0:1023 -j ACCEPT #Puertos 1->1023 Iptables -A INPUT - p tcp,udp --dport :1023 -j ACCEPT # igual al ant. Iptables -A INPUT - p tcp,udp --dport 1024: -j ACCEPT # igual al ant.

    INTERFASE DE ENTRADA:
    iptables A INPUT - i eth0 -j ACCEPT iptables A INPUT - i ! eth0 -j ACCEPT # excepto eth0 iptables A INPUT - i eth+ -j ACCEPT # Cualquier int Ethernet

    INTERFASE DE SALIDA: iptables A OUTPUT - o eth0 -j ACCEPT iptables A OUTPUT - o ! eth0 -j ACCEPT # excepto eth0 iptables A OUTPUT - o eth+ -j ACCEPT # Cualquier int Ethernet ICMP
    iptables -t filter -A INPUT -p icmp --icmp-type echo-request -j REJECT iptables -t filter -A INPUT -p icmp --icmp-type echo-replay -j REJECT VARIOS # iptables -A OUTPUT -s 192.168.1.2 -d 192.168.1.1 -p icmp -j ACCEPT # iptables -A INPUT -s 192.168.1.1 -d 192.168.1.2 -p icmp -j ACCEPT # iptables -A OUTPUT -s 192.168.1.2 -d 192.168.1.1 -p tcp --sport 1024:65535 --dport 23 -j ACCEPT # iptables -A INPUT -s 192.168.1.1 -d 192.168.1.2 -p tcp --sport 23 --dport 1024:65535 -j ACCEPT # iptables -A INPUT -s 192.168.1.1 -i eth0 -p icmp -j ACCEPT # iptables -A INPUT -i eth0 -p udp --sport 53 -j ACCEPT # iptables -A INPUT -i eth0 -p tcp --sport 80 -j ACCEPT

    You might also like