In this post, I will discuss about iptables.
Iptables is a tool in the Linux operating system that serves as a tool for filtering (filtering) (traffic) data traffic. Simply described as a data traffic regulator. With iptables, we will manage all traffic on our computer, whether it enters the computer, exits the computer, or traffic that just passes through our computer. source: http://dhetkj.blogspot.com/2011/06/pengertian-iptables.html?m=1
Just go straight to the practice
iptables -A INPUT -p icmp –in-interface wlp3s0 -j REJECT or DROP
The first is to block all IP people from being able to ping our IP. Well, there I gave the choice to have REJECT or DROP. The difference is, if we use the REJECT, then the person who wants to ping our IP will know the IP is rejected, while the DROP does nothing.
iptables -A INPUT -i wlp3s0 -s 192.168.100.81 -j REJECT or DROP
The second is the same as above, but the difference is we only block certain IPs, or which IPs we want to block.
sudo iptables -A INPUT -i wlp3s0 -p tcp -s 192.168.100.31/24 – port 22 -j REJECT or DROP
Third, we block all ip and port people from being able to enter our computers using SSH or telnet. This can be used to prevent hacking in our system later.
sudo iptables -A INPUT -i wlp3s0 -p tcp -s 192.168.100.22 –dport 22 -j REJECT
The fourth is almost the same as the one above, only the difference, if the fourth one we block only certain IPs, so all of our IPs are blocked. This can be used for our friends who sometimes like to enter using SSH.
In this bonus, I will explain the length of the parameters above.
-A = Add -i = Interfaces (ethernet card) -p = Protocol -s = Source -dport = Destination port -j = Jump (target)
Oh yes, to see the iptables list, we only need to type the command:
and to reset it, we only need to type
and all the settings that we made earlier will be as busy as before
Maybe that’s what I can write this time, as usual, criticism & suggestions are needed in my writing to be better in the future. So, you can contact me via Twitter or Instagram, which is listed at the bottom of my website.