Iptables Komutları
Başlıca iptables komutları ve kullanımları;
———————————————————————————————-
#!/bin/bash
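# Gateway ruleset: NAT for an internal network, transparent HTTP proxying
# through Squid, and a default-deny FORWARD chain with a short allow-list of
# outbound services. Must run as root.

# Stop at the first failing iptables call so a typo cannot leave a
# half-loaded ruleset that looks complete.
set -e

# Interface and address roles, read off the rules below.
# NOTE(review): eth1 appears to be the internal (192.168.1.0/24) side and eth0
# the upstream side; confirm against the actual host before use.
readonly INT_IF=eth1
readonly EXT_IF=eth0
readonly INT_NET=192.168.1.0/24
readonly DNS_SERVER=10.0.0.2
readonly SNAT_ADDR=10.0.0.3
readonly SQUID_PORT=3128

################################
# Default policies
# Set before flushing so forwarding is already closed while the chains are
# empty; a failure later in the script then fails closed for routed traffic.
iptables -P FORWARD DROP
# NOTE(review): INPUT is ACCEPT, so every service listening on the gateway
# itself (Squid, SSH, ...) is reachable from both interfaces. Nothing in this
# script filters traffic addressed to the firewall host.
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT

# Clear the tables: flush all rules and delete user-defined chains.
iptables -t nat -F
iptables -t nat -X
iptables -F
iptables -X

################################
# NAT RULES
# DNS redirection: every DNS query arriving from the internal side is
# rewritten to go to $DNS_SERVER, whatever resolver the client asked for.
iptables -t nat -A PREROUTING -i "$INT_IF" -p udp --dport 53 -j DNAT --to-destination "$DNS_SERVER"
iptables -t nat -A PREROUTING -i "$INT_IF" -p tcp --dport 53 -j DNAT --to-destination "$DNS_SERVER"

# Source address hiding: internal clients leave via $EXT_IF as $SNAT_ADDR.
iptables -t nat -A POSTROUTING -s "$INT_NET" -o "$EXT_IF" -j SNAT --to-source "$SNAT_ADDR"

# Squid proxy: port 80 is redirected to the local proxy port.
# NOTE(review): the first rule has no -i match, so it applies to traffic from
# every interface and the second rule is never reached. Because it also covers
# $EXT_IF and INPUT is ACCEPT, hosts on the upstream side can reach Squid
# through port 80 unless Squid's own ACLs refuse them. If only internal
# clients should be proxied, scope this to -i "$INT_IF".
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports "$SQUID_PORT"
iptables -t nat -A PREROUTING -i "$EXT_IF" -p tcp --dport 80 -j REDIRECT --to-ports "$SQUID_PORT"

################################
# FORWARDED PACKET RULES
# Return traffic: replies to connections opened from the internal side.
# The original listed this rule twice, byte for byte; one copy is enough.
# NOTE(review): the second copy may have been meant for the opposite
# direction (-i eth1 -o eth0). Without it, RELATED flows that start from the
# internal side (for example passive-mode FTP data) match no rule and are
# dropped.
iptables -A FORWARD -i "$EXT_IF" -o "$INT_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT

# DNS queries
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p udp --dport 53 -j ACCEPT
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 53 -j ACCEPT
# HTTPS
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 443 -j ACCEPT
# SSH
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 22 -j ACCEPT
# FTP (control channel only; data connections depend on RELATED tracking,
# which needs the conntrack FTP helper to be loaded)
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 21 -j ACCEPT
# POP3
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 110 -j ACCEPT
# MSN Messenger, the troublesome one: ports as listed by the author
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 1863 -j ACCEPT
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 6891 -j ACCEPT
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 6900 -j ACCEPT
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p udp --dport 6900 -j ACCEPT
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p tcp --dport 6901 -j ACCEPT
iptables -A FORWARD -i "$INT_IF" -o "$EXT_IF" -p udp --dport 6901 -j ACCEPT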