Note

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "Package:Iptables"

From Funtoo
Jump to navigation Jump to search
(deleting redirects is broken? stub category removed)
 
Line 9: Line 9:
=== Emerge ===
=== Emerge ===
<console>
<console>
##r#####b##emerge iptables
###i## emerge iptables
</console>
</console>


Line 15: Line 15:
For some services such as [[Package:Sshguard | sshguard]] & [[Package:fail2ban | Fail2ban]] you need a generic running firewall.  We will save a blank firewall rule set and start the firewall.
For some services such as [[Package:Sshguard | sshguard]] & [[Package:fail2ban | Fail2ban]] you need a generic running firewall.  We will save a blank firewall rule set and start the firewall.


==== ip v4 ====
==== ipv4 ====
<console>
<console>
##r#####b##rc-service iptables save
###i## rc-service iptables save
##r#####b##rc-service iptables start
###i## rc-service iptables start
</console>
</console>
to start upon reboot
to start upon reboot
<console>
<console>
##r#####b##rc-update add iptables default
###i## rc-update add iptables default
</console>
</console>


==== ip v6 ====
==== ipv6 ====
<console>
<console>
##r#####b##rc-service ip6tables save
###i## rc-service ip6tables save
##r#####b##rc-service ip6tables start
###i## rc-service ip6tables start
</console>
</console>
to start upon reboot
 
To make the service start upon system reboot, run:
<console>
<console>
##r#####b##rc-update add ip6tables default
###i## rc-update add ip6tables default
</console>
</console>


== Show firewall Rules & Status ==
== Show firewall Rules & Status ==
===ip v4===
===ipv4===
<console>
<console>
##r#####b##iptables -L -n
###i## iptables -L -n
</console>
</console>
===ip v6===
 
===ipv6===
<console>
<console>
##r#####b##ip6tables -L -n
###i## ip6tables -L -n
</console>
</console>



Revision as of 19:20, September 12, 2014

Iptables

   Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

iptables is a program used to configure and manage the kernels netfilter modules.

Installation

Emerge

root # emerge iptables

First Run

For some services such as sshguard & Fail2ban you need a generic running firewall. We will save a blank firewall rule set and start the firewall.

ipv4

root # rc-service iptables save
root # rc-service iptables start

to start upon reboot

root # rc-update add iptables default

ipv6

root # rc-service ip6tables save
root # rc-service ip6tables start

To make the service start upon system reboot, run:

root # rc-update add ip6tables default

Show firewall Rules & Status

ipv4

root # iptables -L -n

ipv6

root # ip6tables -L -n