Tuesday, September 15, 2020

A Raspberry Pi firewall: Package filter - 01 Introduction

There are many posts about how to create a firewall using Linux, and this could probably be one more, but I'll try to make it different. First, because the things I write here are things I'm currently using, and they work for me. Second, because learning iptables is not an easy task, especially at the beginning, but once you finally get a reasonable idea of how it works, using it is quite easy, and I'll try to explain how iptables works in an easy way.


Introduction.

I'm using a Raspberry Pi that connects to my ISP over a WiFi network (don't ask why). I'm using the Raspberry Pi's built-in WiFi adapter for this purpose, and a WiFi router connected to the Pi's Ethernet port to provide my local WiFi network, so my devices connect to my personal WiFi network and not to the ISP's network like some other people do.


To manage my Raspberry Pi, I have port TCP/22 (SSH) open, and to download updates for this box I use ports TCP/80 and TCP/443 (HTTP and HTTPS) and UDP/53 (DNS). Of course, I'm going to manage my Raspberry Pi from my internal network; for this reason, SSH will listen and answer on the Ethernet interface only, and the required HTTP and DNS traffic will go out and return through the WiFi adapter.



Iptables: The basics.

To work with iptables we need to know there are three basic elements used in iptables: Policies, Chains and Rules.

The policies control the main behaviour of the chains, and the rules are exceptions to the policies within the chains. OK, this sounds a little confusing, but it is going to become clear when we start working through some examples.

The policies and the rules have 3 possible states: ACCEPT, DROP and REJECT. There are 3 basic chains: INPUT, OUTPUT and FORWARD. It is possible to create more chains, but we are keeping to the basic explanation.

OK, it's time to push the gas...

Let's make an analogy with physical country borders: let's take the 3 countries of North America: Canada, the US and Mexico.

Imagine that you live in Canada or Mexico. If you want to go IN to the US, you are using the INPUT chain. If you want to go OUT of the US, you use the OUTPUT chain. If you want to go to Mexico or Canada crossing the US, you use the FORWARD chain.



With computers it is the same: the US is the computer running iptables, and Canada and Mexico are two networks that you want to connect using the iptables box.

OK, now the policies control the general behaviour of a chain. If you configure your INPUT chain with the policy ACCEPT, everything that you want to bring from Mexico or Canada into the US will be allowed, everything.

The same goes for the OUTPUT chain: if you configure the policy ACCEPT, you can move everything from the US to Canada or Mexico, everything.

With FORWARD it is the same: you can move whatever you want from Canada to Mexico using the US as a bridge.

If you are running a Linux box, execute this command (you'll need root privileges):

iptables -L

You can see that your tables have this configuration:


This configuration allows all kinds of traffic to flow from and to your computer without restrictions.

As you can see, there are the three chains INPUT, OUTPUT and FORWARD, all of them with the policy ACCEPT.

If you are using a Linux distribution like CentOS or another distro based on Red Hat, you will probably get a different response, but don't worry: in the next posts we will see what it means and how to work with it.
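
To check the same thing on more than one box, the listing can be summarised with a small script. This is an added example, not part of the original post: the function names are hypothetical and the embedded listing is a constructed sample of what iptables -L prints when no rules are loaded.

```shell
#!/bin/sh
# Summarise `iptables -L` output: default policy and rule count per chain.

# Constructed sample: `iptables -L` on a box with no rules loaded.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}

# Read a listing on stdin and print "CHAIN POLICY RULES" for each chain.
# User-defined chains have no policy, so they are reported with "-".
chain_policies() {
    awk '
        /^Chain / {
            if (chain != "") print chain, policy, rules
            chain = $2; rules = 0; policy = "-"
            if ($3 == "(policy") { policy = $4; sub(/\)$/, "", policy) }
            next
        }
        # Skip the column header (plain or -v form) and blank lines.
        NF == 0 || $1 == "target" || $1 == "pkts" { next }
        chain != "" { rules++ }
        END { if (chain != "") print chain, policy, rules }
    '
}

# Print, space separated, the chains that filter nothing at all:
# default policy ACCEPT and no rule making an exception to it.
open_chains() {
    chain_policies | awk '
        $2 == "ACCEPT" && $3 == 0 { printf "%s%s", sep, $1; sep = " " }
        END { print "" }
    '
}

# Demo on the constructed sample; on a real box, as root:
#   iptables -L | open_chains
echo "Chains with no filtering: $(sample_listing | open_chains)"
```
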

Conclusion

In this first part of the introduction, we learned that there are three basic elements to understand in order to work with iptables: Policies, Chains and Rules.

Policies are the chains' default rule (the unwritten rule in each chain). But we can create rules in each chain to create exceptions to the policies.

Both the policies and the rules have three possible states: ACCEPT, DROP and REJECT.

To show the iptables configuration, we use the command iptables -L as root.

To finish this first part of the introduction, let me ask you something... What happens if we change the chains' policy to DROP?

