iptables is a user-space utility for configuring the IP packet filter rules of the Linux kernel firewall, which is implemented as separate Netfilter modules. The filters are structured in separate tables, each of which has a set of rules for how network traffic packets should be handled.
Currently, separate kernel modules and programs are used for different protocols: iptables is used for IPv4, ip6tables is used for IPv6, arptables is used for ARP, and ebtables is used for Ethernet frames.
The IP packet filter rules of the Linux kernel firewall can be configured using iptables. To get the most out of these rules, you may need some advanced understanding of how to set them up. Here are a few samples to get you started. Each rule is appended with -A, so it only sees packets that no earlier rule in the INPUT chain has already accepted.
$ service iptables start
# Force SYN packets check
$ iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
# Drop XMAS packets
$ iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
# Drop null packets
$ iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
# Drop incoming packets with fragments
$ iptables -A INPUT -f -j DROP
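How the flag matches in the rules above evaluate, as an added example that is not part of the original article: a small Python model of the `--tcp-flags MASK COMP` and `--syn` tests, walked in the order the rules are listed. The function names, the labels and the `ct_state` argument are assumptions made for illustration; on a real host the state comes from connection tracking.

```python
# TCP header flag bits, plus the iptables keywords ALL and NONE.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08,
             "ACK": 0x10, "URG": 0x20, "ALL": 0x3F, "NONE": 0x00}

def bits(names):
    """Turn an iptables flag list such as 'SYN,ACK' or 'ALL' into a bitmask."""
    mask = 0
    for name in names.split(","):
        mask |= FLAG_BITS[name]
    return mask

def tcp_flags_match(pkt_flags, mask, comp):
    """--tcp-flags MASK COMP: examine only the MASK bits and match when
    exactly the COMP bits are set among them."""
    return (pkt_flags & bits(mask)) == bits(comp)

def is_syn(pkt_flags):
    """--syn is shorthand for --tcp-flags FIN,SYN,RST,ACK SYN."""
    return tcp_flags_match(pkt_flags, "FIN,SYN,RST,ACK", "SYN")

def first_drop(pkt_flags, ct_state, fragment=False):
    """Return the label of the first of the four rules that drops the
    packet, or None if all four let it pass. ct_state is supplied by the
    caller (assumption); fragment=True means a second or later fragment."""
    if fragment:
        # Later fragments carry no TCP header, so the three flag rules
        # cannot match them; only the -f rule does.
        return "fragment"
    if not is_syn(pkt_flags) and ct_state == "NEW":
        return "non-SYN NEW"
    if tcp_flags_match(pkt_flags, "ALL", "ALL"):
        return "XMAS"
    if tcp_flags_match(pkt_flags, "ALL", "NONE"):
        return "NULL"
    return None

# Constructed sample packets: (description, flags, conntrack state)
SAMPLES = [
    ("plain SYN", bits("SYN"), "NEW"),
    ("stray ACK", bits("ACK"), "NEW"),
    ("all six flags", bits("ALL"), "INVALID"),
    ("no flags", bits("NONE"), "INVALID"),
    ("FIN,PSH,URG only", bits("FIN,PSH,URG"), "INVALID"),
]

if __name__ == "__main__":
    for desc, flags, state in SAMPLES:
        print(f"{desc:18} -> {first_drop(flags, state)}")
```

`--tcp-flags ALL ALL` matches only when all six flags are set, so the last sample passes these four rules; review which other flag combinations and connection states your rule set needs to cover.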
At Velan, our server support engineers can harden and manage your Linux server. If you are interested in our service, please fill out the Quick connect form to get in touch with us.