Iptables (Debian): Difference between revisions

From MattWiki
Current version as of 27 September 2020, 09:36

Commands

iptables-save > iptables.rules          # Export the active rules to iptables.rules
iptables-restore < iptables.rules       # Import rules from iptables.rules
iptables -L                             # List active rules
iptables -L -v                          # List active rules with interfaces and packet/byte counters
iptables -S                             # List active rules in iptables-save format
iptables -F                             # Flush active rules (filter table only; chain policies are kept)

iptables on Debian

Add iptables Rule File

Copy iptables.rules to /etc

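chown root:root /etc/iptables.rules     # Only root owns the rule file
chmod 600 /etc/iptables.rules           # Only root may read or write it
iptables-restore < /etc/iptables.rules  # Load the rules into the running firewall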

Check that access (e.g. SSH) still works.

Enable Automatic Load of Rules at Startup

Copy the iptables-restore script to /etc/network/if-pre-up.d/

Add execution permissions:

chmod +x /etc/network/if-pre-up.d/iptables
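
The page does not show the restore script it refers to. The following is an added example of such a hook, not the wiki's own file: it refuses to load a rule file that is not a regular file, not owner-only (mode 600), or missing a COMMIT, and parse-checks it with iptables-restore --test before loading. It assumes the rule file is /etc/iptables.rules and the hook is installed as iptables (the name used in the chmod step above); the function names and the RULES/OWNER variables are hypothetical.

```shell
#!/bin/sh
# Added example: hook for /etc/network/if-pre-up.d/iptables (not the wiki's script).
RULES="${RULES:-/etc/iptables.rules}"   # rule file location used on this page
OWNER="${OWNER:-root}"                  # assumption: overridable only for testing

# Return 0 if the rule file is safe to load, otherwise a distinct code.
rules_file_ok() {
    f="$1"
    # 1: missing, or not a regular file (find does not follow symlinks)
    [ -n "$(find "$f" -prune -type f 2>/dev/null)" ] || return 1
    # 2: not owned by $OWNER, or mode is not exactly 600
    [ -n "$(find "$f" -prune -user "$OWNER" -perm 600 2>/dev/null)" ] || return 2
    # 3: every "*table" section must be closed by COMMIT; at least one table
    awk '
        /^\*/      { if (inblk) bad = 1; inblk = 1; n++ }
        /^COMMIT$/ { if (!inblk) bad = 1; inblk = 0 }
        END        { exit (bad || inblk || n == 0) }
    ' "$f" || return 3
    return 0
}

# Parse-check first (--test builds the ruleset without committing), then load.
load_rules() {
    rules_file_ok "$1" || { echo "refusing to load $1 (check $?)" >&2; return 1; }
    iptables-restore --test < "$1" || return 1
    iptables-restore < "$1"
}

# Run only when installed under the hook name used on this page.
if [ "${0##*/}" = "iptables" ]; then
    # Log a failed load so a boot without firewall rules does not go unnoticed.
    load_rules "$RULES" || { logger -t iptables-hook "rules NOT loaded from $RULES"; exit 1; }
fi
```
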

The package iptables-persistent can also be used to persist iptables rules:

# apt-get install iptables-persistent

Blacklisting with ipset with Automatic Updates

See: https://github.com/trick77/ipset-blacklist