Saturday, January 2, 2010

IPv6 IPTABLES IN REDHAT LINUX

IPv6 IPTABLES
Features:

1. Firewall for IPv6

/etc/rc.d/init.d/ip6tables - run-script
/etc/sysconfig/ip6tables-config - system-wide config file
/sbin/ip6tables - primary tool for administering IP6Tables
/sbin/ip6tables-restore
/sbin/ip6tables-save

2. Maintains 3 default tables:

•Filter - same as in IPTables (IPv4)
•Mangle - same as in IPTables (IPv4)
•Raw

Usage:

1. ip6tables -L - lists the rules in the Filter table

Note: IPv6 firewall rules are administered independently of IPv4 rules.

Tasks:

1. Restrict inbound traffic on the remote RH5 system to SSH only
•ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT
•ip6tables -A INPUT -j DROP

2. Block outbound traffic to the SSH port (22) on ANY remote host
•ip6tables -A OUTPUT -p tcp --dport 22 -j DROP

3. Flush ALL rules from OUTPUT chain of the Filter table
•ip6tables -F OUTPUT

4. Save rules to file, then flush rules
•ip6tables-save > ip6tables.rules.1

5. Reinstate flushed rules
•ip6tables-restore ip6tables.rules.1
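
The catch-all DROP in task 1 also discards ICMPv6 Neighbor Discovery, which IPv6 uses in place of ARP, so a host carrying only those two rules stops answering address resolution. The script below is an added example, not part of the original post: it audits a dump saved as in task 4, and its function names and both abridged sample dumps are constructed for illustration.

```shell
# Added example (not from the original post): audit an ip6tables-save dump for
# a filter-table INPUT chain that hits a catch-all DROP (as in task 1) before
# accepting ICMPv6 Neighbor Discovery (types 135 and 136).
# Usage: nd_audit ip6tables.rules.1 (or a dump on stdin)
# Prints: ok | nd-blocked | no-blanket-drop
nd_audit() {
    awk '
    substr($0, 1, 1) == "*" { table = $1 }     # "*filter", "*mangle", "*raw"
    table == "*filter" && /^:INPUT DROP/ { policy_drop = 1 }
    table == "*filter" && $1 == "-A" && $2 == "INPUT" && verdict == "" {
        if ($0 ~ /-j ACCEPT/ && $0 ~ /-p (ipv6-icmp|icmpv6|58) /) {
            if ($0 !~ /--icmpv6-type/) ns = na = 1   # all ICMPv6 types accepted
            if ($0 ~ /--icmpv6-type (135|neighbou?r-solicitation)/) ns = 1
            if ($0 ~ /--icmpv6-type (136|neighbou?r-advertisement)/) na = 1
        }
        # A DROP or REJECT with no match options ends evaluation for all traffic.
        if ($0 ~ /^-A INPUT -j (DROP|REJECT)/)
            verdict = (ns && na) ? "ok" : "nd-blocked"
    }
    END {
        if (verdict == "" && policy_drop) verdict = (ns && na) ? "ok" : "nd-blocked"
        print (verdict == "" ? "no-blanket-drop" : verdict)
    }' "$@"
}
# Constructed sample (abridged): the dump after the two rules from task 1.
page_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
}
# Constructed sample: loopback and Neighbor Discovery accepted ahead of the DROP.
nd_safe_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 136 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
}

page_rules | nd_audit; nd_safe_rules | nd_audit   # nd-blocked, then ok
```

The check is a heuristic on rule order only: it does not evaluate source or interface restrictions on the ICMPv6 rules.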
