Since iptables is a kernel function, you're not going to see processes running so no ps command is going to tell you anything about whether or how it is working. This provides the "default deny" rule that gives firewalls their claim to fame - denying everything that you don't explicitly allow. If you haven't made any changes, the filter table will likely be set up to accept established connections, icmp requests and requests sent to the loopback interface (i.e., those generated on the system itself). By default and in most cases, only one table - the one called "filter" - is actually configured. You can pretty much leave it as is unless or until you need to provide a service to other systems or, in other words, until your system needs to become a server.Īs the name implies, iptables is organized as a set of tables.
Offspring of the earlier ipchains, iptables generally blocks network traffic that tries to reach services on your system. Iptables, more properly referred to as "iptables/netfilter" because of the two modules that are involved - the userspace module "iptables" and the kernel module "netfilter" - is the firewall that you'll find running by default on most Linux systems today.
0 kommentar(er)
