Linux – Setting up iptables firewall rules (LEGACY) (Video 2 of 4 for setting up Linux Router)



THIS IS NOW LEGACY… PLEASE CONSIDER USING CENTOS 7

Read:

In this video, I show you how to set up iptables/firewall/NAT on your DHCP server. This is the second video in the series on running a Linux box as the DHCP server, gateway, and router of any given network. We touch on iptables and how to set it up with various commands.

Thank you, Shane.

Written version:

Notes:

If you use Debian or anything Debian-based, I cannot help…

15 Comments

  1. Thanks for the video…
    On my CentOS 6, iptables v1.4.7, I don't have a NAT table.
    See below…
    *raw
    :PREROUTING ACCEPT [296:27906]
    :OUTPUT ACCEPT [236:25501]
    -A PREROUTING -i eth0:0 -p udp -m udp --dport 4443 -j ACCEPT
    -A PREROUTING -i eth0:0 -p tcp -m tcp --dport 4443 -j ACCEPT
    COMMIT
    # Completed on Fri Mar 24 01:43:34 2017
    # Generated by iptables-save v1.4.7 on Fri Mar 24 01:43:34 2017
    *mangle
    :PREROUTING ACCEPT [296:27906]
    :INPUT ACCEPT [267:24581]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [236:25501]
    :POSTROUTING ACCEPT [236:25501]
    COMMIT
    # Completed on Fri Mar 24 01:43:34 2017
    # Generated by iptables-save v1.4.7 on Fri Mar 24 01:43:34 2017
    *filter
    :INPUT ACCEPT [266:24521]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [236:25501]
    -A INPUT -p tcp -m tcp --dport 4443 -j ACCEPT
    COMMIT
    # Completed on Fri Mar 24 01:43:34 2017

  2. Why doesn't the line to drop incoming TCP connections specify an interface?
    I'd expect -i eth0 as a parameter there.

    Will people on the network be able to set up a TCP connection with a server somewhere on the internet, using this method? Thanks 🙂

  3. Hi there,

    Wow, amazing… very nice tutorial… good for a novice like me…
    Can I also request a tutorial on REDIRECTION for a Squid transparent proxy server? I already have the Squid 3.0 proxy server set up. But I'm having trouble setting the redirection to make it transparent so I don't have to configure the browsers of my client. Please help me.

    Thanks in advance.
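
Added example, not part of the original post or its comments: a small Python audit of an `iptables-save` dump such as the one in the first comment, for a box meant to act as a NAT gateway. `iptables-save` without `-t` prints only the tables the running kernel lists in `/proc/net/ip_tables_names`, so a missing `*nat` section is reported as a finding; the function names and the trimmed `SAMPLE` are constructed for illustration.

```python
# Added example (not from the post): audit an iptables-save dump for a NAT gateway.
# Constructed sample: the first comment's dump, trimmed.
SAMPLE = """\
*raw
:PREROUTING ACCEPT [296:27906]
-A PREROUTING -i eth0:0 -p tcp -m tcp --dport 4443 -j ACCEPT
COMMIT
*filter
:INPUT ACCEPT [266:24521]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [236:25501]
-A INPUT -p tcp -m tcp --dport 4443 -j ACCEPT
COMMIT
"""

def parse_dump(text):
    """Return {table: {"policies": {chain: policy}, "rules": [rule lines]}}."""
    tables, cur = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("*"):                 # "*filter" opens a table
            cur = tables.setdefault(line[1:], {"policies": {}, "rules": []})
        elif line == "COMMIT":                   # closes the current table
            cur = None
        elif cur is None:                        # comments and blank lines
            continue
        elif line.startswith(":"):               # ":INPUT ACCEPT [pkts:bytes]"
            chain, policy = line[1:].split()[:2]
            cur["policies"][chain] = policy
        elif line.startswith("-A "):             # "-A CHAIN match... -j TARGET"
            cur["rules"].append(line)
    return tables

def has_rule(rules, chain, targets):
    """True if any rule appended to `chain` jumps to one of `targets`."""
    return any(r.startswith(f"-A {chain} ") and
               r.split(" -j ")[-1].split()[0] in targets for r in rules)

def audit_router(text):
    """List findings that matter for a box that should NAT and forward."""
    tables, findings = parse_dump(text), []
    if "nat" not in tables:
        findings.append("no *nat section in dump")
    elif not has_rule(tables["nat"]["rules"], "POSTROUTING", ("MASQUERADE", "SNAT")):
        findings.append("nat/POSTROUTING has no MASQUERADE or SNAT rule")
    filt = tables.get("filter", {"policies": {}, "rules": []})
    for chain in ("INPUT", "FORWARD"):
        if (filt["policies"].get(chain) == "ACCEPT"
                and not has_rule(filt["rules"], chain, ("DROP", "REJECT"))):
            findings.append(f"filter/{chain}: policy ACCEPT and no DROP/REJECT rule")
    return findings
```

On a live system the input would be the text of `iptables-save`; `audit_router(SAMPLE)` reports the missing `*nat` section and the wide-open INPUT and FORWARD chains.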
