4-3

Question 1

to list the current iptables rules you use

Answer 1

iptables-L

Question 2

to allow communication on a specific port. in this example using ssh port 22 you use

Answer 2

iptbles -A INPUT -p tcp –dport ssh -j ACCEPT

Question 3

or prehaps you need to allow all incoming web/HTTP traffic

Answer 3

iptables -A INPUT -p tcp –dport 80 -j ACCEPT

Question 4

logging dropped packets is also a good idea. the following command does that

Answer 4

iptables -I INPUT 5 -m limit –limit 5/min -j LOG –log prefix “iptables denied: “ –log-level 7

Question 5

iptable flags / append this rule to the rule chain

Answer 5

A

Question 6

iptable flags / lit the current filter rules

Answer 6

-L

Question 7

iptable flags / the connection protocol used

Answer 7

-p

Question 8

iptable flags / the destination port required for this rule. a single port may be given, or a range may be given as start:end

Answer 8

–dport

Question 9

iptable flags / the maximum matchin rate, given as a number followed by “/second”, “/minute”, “/hour”, “/day” depending on how often you want the rule to match

Answer 9

–limit

Question 10

iptable flags / define the list of states for the rule to match on

Answer 10

–ctstate

Question 11

iptable flags / when logging, put this tect before the log message. use double quotes around the text use

Answer 11

–log-prefix

Question 12

iptable flags / logusing the specified syslog level

Answer 12

–log-level

Question 13

iptable flags / only match if the packet is coming in on the specifiedinterface

Answer 13

-i

Question 14

iptable flags / verbose output

Answer 14

-v

Question 15

iptable flags / source specification

Answer 15

-s

Question 16

iptable flags / destnation specification

Answer 16

-d

Question 17

iptable flags / output name

Answer 17

-o