Installation Manual |
Packet Filtering using ipchains
The Linux utility ipchains can be used to filter IP packets entering, leaving and passing through interfaces. An ipchains tutorial is beyond the scope of this manual. For more information on ipchains, see the ipchains man page (by typing man ipchains at the Linux command prompt) or the howto: http://netfilter.filewatcher.org/ipchains/ HOWTO.html.
The syntax of the ipchains command is:
ipchains
where command is one of the following:
A - Add a condition or rule to the end of the chain. Note that the order in which a condition appears in a chain can modify its application and the first rule added to a chain is processed first, etc.
D - Delete a condition from the chain. The condition must match exactly with the command’s arguments to be deleted.
R- Replace a condition in the chain.
I - Insert a condition in a specified location in the chain. L - List all conditions in the chain.
F - Flush (remove) all conditions in the chain. N - Create a new chain.
X - Deletes a
P - Policy applied for default handling
chain is one of the following: input - filters incoming packets output - filters outgoing packets
forward - filters packets which are not created by the server and are not destined to the server
user_created_chain - a previously defined (or in the process of being defined) chain created using the N command described above.
Appendix A - Linux | 41 |