Iptables Application Entry Level

Discussion in 'Security' started by sendemi, Aug 18, 2010.

    This post gives brief information about iptables that everyone who manages a system needs to know, explained in language that each of them can understand. Iptables is a rule-based application that controls access for traffic to or through Linux and BSD Unix-based servers. Today many firewall packages are integrated with iptables and use its rules as their access controller. A great deal of access control can be done with iptables, and I will talk about more of it in a later document. This document aims to provide the basic information that everyone needs to know.

    Iptables performs its control with rules, and a rule is usually written in this order: operation, procedure, protocol, destination, source, action. In many documents the procedure is called a chain. The operation parameters are listed below.
    -A: add a new rule
    -I: insert a rule between existing rules
    -L: list the rules
    -N: add a new chain
    -X: delete a chain
    -D: delete a rule
    -F: delete all rules
    -Z: reset the counters
    -R: replace a rule

    In the examples, commands are written inside quotation marks: "iptables -F" resets all rules in iptables. People who manage a system but do not know how to use iptables usually write their bans through firewall software, run into trouble with it, and do not know what it is for. Reading this document to the end will not make you a master of iptables, but the introductory information will make your work easier.

    On to the topic. After the operation comes the procedure (chain), which indicates where the operation takes effect. There are only three such procedures, written here in quotation marks and separated by commas: "INPUT, OUTPUT, FORWARD". The meaning of these three basic procedures is as follows.

    INPUT: packets coming to us from outside.
    OUTPUT: packets going out from us.
    FORWARD: packets that come from outside and pass through us.

    Next in the order comes the protocol. It indicates which protocol the control will be applied to. The protocols are already widely known, so no specific information about them is given here. We do this control with the protocols "TCP, UDP, ICMP, IGMP". To specify a protocol, the "-p" parameter is used. (The parameters shown in quotation marks are written in lowercase letters.)

    Next is the destination. The target of the control needs to be specified, and the "-d" parameter is used for this. For example, "-d 10.0.0.2" sets the IP address 10.0.0.2 as the destination. Similarly, the destination port is specified with the "--dport" parameter. As another example, "-d 10.0.0.2 --dport 80" sets port 80 on IP address 10.0.0.2 as the destination.

    Next comes the source. The source is indicated with the "-s" parameter, and it is used the same way as the destination. To specify the source port, the "--sport" parameter is used.

    Finally comes the action. The action to take on a match must be specified. The meanings of some of the actions used are:
    DROP: block
    ACCEPT: allow
    REJECT: block and send back a reply saying so
    LOG: keep a record of the operation

    Because this document covers only the basics, this is all that will be said about iptables logging; the next document will cover more of what iptables can do. Now, a few examples to help you understand the topic.

    This command lists all the iptables rules.
    iptables -L

    This command resets all existing rules.
    iptables -F

    Now let's close port 80 on our server.
    iptables -A INPUT -p tcp -s 0/0 --dport 80 -j DROP

    Typing this command prevents our server from being pinged.
    iptables -A INPUT -p icmp -j DROP

    Another example bans a single IP address. With this command the IP address 10.0.0.2 is kept away from our server.
    iptables -A INPUT -s 10.0.0.2 -j DROP

    With the help of iptables we can also keep a certain IP range away from our server. With the /8, this command keeps the range from 10.0.0.0 to 10.255.255.255 away from the server. The same can be done with /16 and /24.
    iptables -A INPUT -s 10.0.0.0/8 -j DROP

    One more example. This command keeps the IP range from 192.168.1.0 to 192.168.1.255 away from our server.
    iptables -A INPUT -s 192.168.1.0/24 -j DROP

    In this way, the IP ranges of a specific service provider or country can be blocked from accessing our server.
     
    sendemi, Aug 18, 2010
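
Added example, not part of the original post: a small Python model of how the INPUT rules above are evaluated, with the first matching rule deciding the packet and CIDR sources expanded by the standard `ipaddress` module. The sample packets are constructed, the chain policy is assumed to be ACCEPT (the iptables default), and only the `-A`, `-p`, `-s`, `--dport` and `-j` options used in the post are modelled.

```python
import ipaddress
import shlex

# The INPUT rules from the post, in the order they would be appended.
RULES = """\
iptables -A INPUT -p tcp -s 0/0 --dport 80 -j DROP
iptables -A INPUT -p icmp -j DROP
iptables -A INPUT -s 10.0.0.2 -j DROP
iptables -A INPUT -s 10.0.0.0/8 -j DROP
iptables -A INPUT -s 192.168.1.0/24 -j DROP
"""

def parse_rule(line):
    """Parse one 'iptables -A CHAIN ...' line (every flag here takes one value)."""
    tokens = shlex.split(line)[1:]                 # drop the word 'iptables'
    opts = dict(zip(tokens[0::2], tokens[1::2]))
    src = opts.get("-s")
    if src == "0/0":                               # iptables shorthand for any address
        src = "0.0.0.0/0"
    if "--dport" in opts and opts.get("-p") not in ("tcp", "udp"):
        raise ValueError("--dport only works together with -p tcp or -p udp")
    return {
        "chain": opts["-A"],
        "target": opts["-j"],
        "proto": opts.get("-p"),
        "src": ipaddress.ip_network(src) if src else None,
        "dport": int(opts["--dport"]) if "--dport" in opts else None,
    }

def matches(rule, pkt):
    """A rule matches only if every field it specifies agrees with the packet."""
    return ((rule["proto"] is None or rule["proto"] == pkt["proto"])
            and (rule["src"] is None or ipaddress.ip_address(pkt["src"]) in rule["src"])
            and (rule["dport"] is None or rule["dport"] == pkt.get("dport")))

def verdict(rules, pkt, chain="INPUT", policy="ACCEPT"):
    """Return (target, rule number) of the first match, else the chain policy."""
    for number, rule in enumerate(rules, 1):
        if rule["chain"] == chain and matches(rule, pkt):
            return rule["target"], number
    return policy, None

PARSED = [parse_rule(line) for line in RULES.splitlines()]

if __name__ == "__main__":
    # Constructed sample packets: a web request and a host inside 10.0.0.0/8.
    for pkt in ({"proto": "tcp", "src": "203.0.113.7", "dport": 80},
                {"proto": "tcp", "src": "10.44.1.1", "dport": 22}):
        print(pkt, "->", verdict(PARSED, pkt))
```

Because rules are checked in order, the single-address rule for 10.0.0.2 is hit before the wider 10.0.0.0/8 rule that also covers it; listing the rules with `iptables -L` shows the same order on a real system.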