Iptables

Question 1

iptables -I INPUT -s 198.51.100.0 -j DROP

Answer 1

Command adds a rule to the beginning of the chain that will drop all packets from the address 198.51.100.0

Question 2

-I option

Answer 2

sing a rule with the insertion option will add it to the beginning of a chain and will be applied first. To indicate a specific placement in the chain

Question 3

-s parameter

Answer 3

indicates the source.

Question 4

he -j parameter

Answer 4

stands for jump. It specifies the target of the rule and what action will be performed if the packet is a match.

Question 5

-p, –protocol

Answer 5

The protocol, such as TCP, UDP, etc.

Question 6

-s, –source

Answer 6

Can be an address, network name, hostname, etc.

Question 7

-d, –destination

Answer 7

An address, hostname, network name, etc.

Question 8

-g, –goto chain

Answer 8

Specifies that the processing will continue in a user-specified chain.

Question 9

-i, –in-interface

Answer 9

Names the interface from where packets are received.

Question 10

-o, –out-interface

Answer 10

Name of the interface by which a packet is being sent.

Question 11

-f, –fragment

Answer 11

The rule will only be applied to the second and subsequent fragments of fragmented packets.

Question 12

-c, –set-counters

Answer 12

Enables the admin to initialize the packet and byte counters of a rule.

Question 13

Filter table

Answer 13

This is the default table. Its built-in chains are:

1. Input: packets going to local sockets
2. Forward: packets routed through the server
3. Output: locally generated packets

Question 14

Nat table

Answer 14

When a packet creates a new connection, this table is used. Its built-in chains are:

1. Prerouting: designating packets when they come in
2. Output: locally generated packets before routing takes place.
3. Postrouting: altering packets on the way out

Question 15

Mangle table

Answer 15

Used for special altering of packets. Its chains are:

1. Prerouting: incoming packets
2. Postrouting: outgoing packets
3. Output: locally generated packets that are being altered
4. Input: packets coming directly into the server
5. Forward: packets being routed through the server

Question 16

Raw table

Answer 16

Primarily used for configuring exemptions from connection tracking. The built-in chains are:

1. Prerouting: packets that arrive by the network interface
2. Output: processes that are locally generated

Question 17

Security table

Answer 17

Used for Mandatory Access Control (MAC) rules. After the filter table, the security table is accessed next. The built-in chains are:

1. Input: packets entering the server
2. Output: locally generated packets
3. Forward: packets passing through the server

Question 18

iptables command: -A –append

Answer 18

Add one or more rules to the end of the selected chain.

Question 19

iptables command: -C –check

Answer 19

Check for a rule matching the specifications in the selected chain.

Question 20

iptables command: -D –delete

Answer 20

Delete one or more rules from the selected chain.

Question 21

iptables command: -F –flush

Answer 21

Delete all the rules one-by-one.

Question 22

iptables command: -I –insert

Answer 22

Insert one or more rules into the selected chain as the given rule number.

Question 23

iptables command: -L –list

Answer 23

Display the rules in the selected chain.

Question 24

iptables command: -n –numeric

Answer 24

Display the IP address or hostname and post number in numeric format.

Question 25

iptables command: -N –new-chain

Answer 25

Create a new user-defined chain.

Question 26

iptables command: -v –verbose

Answer 26

Provide more information when used with the list option.

Question 27

iptables command: -X –delete-chain

Answer 27

Delete the user-defined chain.