Friday, 30 December 2016

IPTABLES refresher

Needed to activate iptables on an Ubuntu server on DigitalOcean.  Found some excellent write-ups on the DO site, to solve an initial problem running 'iptables -L' and to summarise the basic stuff - including the use of "conntrack" to make the rules properly stateful rather than just noddy.

TL;DR: if "iptables -L" mutters something about "no such file or directory", you need to
  • sudo apt-get install linux-image-$(uname -r)
  • More info in the links below... 

PS: You should run "iptables -L -n -v", not just "iptables -L".  The "-n" prevents rDNS lookups. The "-v" adds the interface names to each rule in the listing, without which you can't meaningfully review the ruleset!
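
To show why the "-v" matters for review, here is an added example (not part of the original post or the DO write-ups): a small audit function that reads "iptables -L -n -v" output and flags ACCEPT rules with no restriction at all. The listing inside it is constructed sample output, and the function names are my own.

```shell
#!/bin/sh
# Added example. The listing below is constructed sample output in the
# column layout printed by "iptables -L INPUT -n -v".
sample_listing() {
cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   12   840 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
  340   28K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    5   300 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
EOF
}

# Read "iptables -L -n -v" output on stdin and print every ACCEPT rule that
# matches any protocol, any interface and any address with no further match
# (no ctstate, no port). Without -v the "lo" rule above prints exactly like
# the last rule, so this check only works on the verbose listing.
flag_open_accepts() {
    awk '
        $1 == "Chain" { chain = $2; next }   # remember the current chain
        $1 == "pkts"  { next }               # skip the column header
        NF == 9 && $3 == "ACCEPT" && $4 == "all" &&
        $6 == "*" && $7 == "*" &&
        $8 == "0.0.0.0/0" && $9 == "0.0.0.0/0" {
            printf "%s: unrestricted ACCEPT (line %d)\n", chain, NR
        }
    '
}

# On a live host: sudo iptables -L -n -v | flag_open_accepts
sample_listing | flag_open_accepts
```

Only the last rule is reported; the loopback rule and the two conntrack ("ctstate") rules pass because the interface column or the extra match narrows them.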