Changes


OPS235 Lab 6 - Fedora17

2 bytes removed, 16:30, 17 March 2010
Investigation 8: How do I view and configure the IPTABLES firewall? -- Basic Function/Configuration
* Open a browser and confirm that you can access the world wide web.
* Enter the command:
** <code>iptables -I OUTPUT -p tcp -s0/0 -d 0/0 –dport --dport 80 -j DROP</code>
{{Admon/note| |This command can be read like this, Insert a line into the iptables OUTPUT chain that will look at tcp information and DROP any packet with a source address from anywhere, to a destination address to anywhere if the destination port is 80. Let's break down the command to see how it works.
The '''-d0/0''' switch specifies the destination address. It makes sense that this address is set to “anywhere” because if we want to block all requests to the WWW, we will never know the specific IP address of web server that is trying to be accessed.
The switch '''–dport --dport 80''' tells iptables to look at the destination port in the packet and see if it is equal to 80
'''-j''' means jump to a particular condition – Basic conditions are ACCEPT, DROP and LOG. There are others and you also have the ability to create your own.
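Review bot: the note's claim that the rule will "block all requests to the WWW" overstates what the command line matches, which is TCP destination port 80 only. HTTPS traffic on port 443 is not dropped, so the note should say the rule blocks outgoing HTTP requests. On the same command line the source is written "-s0/0" and the destination "-d 0/0", while the note calls the switch "-d0/0"; use one spelling throughout, for example "-s 0/0 -d 0/0", so the explanation matches what students type. Both "–dport" and "--dport" are visible on the command line and in the port explanation; confirm that only the double-hyphen form remains in the saved page, because the en dash form is not an option iptables recognises. In the last line, ACCEPT, DROP and LOG are targets that -j jumps to, so "target" would be more accurate than "condition".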