Basic Iptables Configuration

May 2, 2008 Linux Security | Comments (0) admin @ 9:01 am

iptables is the user-space tool that configures packet filtering in the Linux 2.4 kernel (through the netfilter framework). It replaces ipchains, which was used in earlier kernel versions. All data transferred over a network travels as packets. A packet's headers carry the information needed to make routing decisions and other administrative details; the actual data being transferred is the packet body. To filter packets, the firewall examines each packet's headers and takes the appropriate action.

Why examine headers and filter packets at all? The most important reason is to improve the security of the network, for example to protect a system from malicious outsiders. Another reason is to restrict or control the use of resources that belong to the network, for example to allow only a limited amount of traffic to pass through.

Basic Format
Tables
The first option is the table, selected with -t. The 2.4 kernel provides three tables: nat, mangle and filter.
Nat: This table is used for network address translation. It has three chains: PREROUTING, OUTPUT and POSTROUTING. PREROUTING alters packets as soon as they enter the firewall (destination NAT), OUTPUT alters locally generated packets, and POSTROUTING alters packets as they leave the firewall (source NAT). Only the first packet of a connection is checked against this table; connection tracking then applies the same translation to the rest of the connection.
Mangle: This table is used to mangle packets, that is, to change how their headers appear (for example the TTL or TOS field) or to mark them for routing and QoS decisions. It should not be used to filter packets or to do address translation. In the original 2.4 design it had two chains, PREROUTING (packets as they enter the firewall) and OUTPUT (locally generated packets); kernels from 2.4.18 onward add INPUT, FORWARD and POSTROUTING to it as well.
Filter: This is the table that actually filters packets, and it is the one used when no -t option is given. It has three chains: INPUT for packets destined for the local host, OUTPUT for locally generated packets, and FORWARD for packets that are routed through this host to another destination. The usual targets for a rule in these chains are ACCEPT, DROP, REJECT (drop the packet and send an error back) and LOG. LOG records the packet and then continues to the next rule; it does not terminate processing, so it is normally followed by a DROP or REJECT rule.
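The following script is an added example, not code from the original post, showing how all three tables are addressed from one script: filter rules with a fail-closed default policy and a LOG-then-DROP tail, a nat POSTROUTING masquerade rule, and a mangle PREROUTING mark rule. The interface name eth0, the network 192.168.1.0/24 and the choice of SSH as the only inbound service are assumptions. By default it only prints the iptables commands it would run; run it as root with APPLY=1 to load them.

```shell
#!/bin/sh
# Added example (not from the original post): a minimal stateful host
# firewall that uses all three tables described in the text.
# Dry run by default: prints the iptables commands it would run.
# Set APPLY=1 and run as root to actually load the rules.
# Assumed (hypothetical) values: WAN_IF is the Internet-facing interface,
# LAN_NET is a private network behind this host, SSH is the only inbound
# service.

WAN_IF="${WAN_IF:-eth0}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"

# $1 is the command used for every rule: "iptables" for real,
# "echo iptables" for a dry run.
build_firewall() {
    ipt="$1"

    # ---- filter table (the default; -t filter is implied elsewhere) ----
    # Flush old rules and user chains first so the script is idempotent.
    $ipt -t filter -F
    $ipt -t filter -X
    # Fail closed: anything not explicitly accepted is dropped.
    $ipt -P INPUT DROP
    $ipt -P FORWARD DROP
    $ipt -P OUTPUT ACCEPT
    # Loopback, and replies to connections this host opened.
    $ipt -A INPUT -i lo -j ACCEPT
    $ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # A "new" TCP connection that is not a SYN is bogus; drop it.
    $ipt -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
    # Inbound SSH is the only service offered.
    $ipt -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
    # LOG is non-terminating: log first, then DROP. The limit match keeps
    # a flood from filling the disk with log lines.
    $ipt -A INPUT -m limit --limit 5/min -j LOG --log-prefix "IPT-DROP: "
    $ipt -A INPUT -j DROP
    # FORWARD: LAN hosts may go out; only replies come back in.
    $ipt -A FORWARD -s "$LAN_NET" -o "$WAN_IF" -j ACCEPT
    $ipt -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # ---- nat table: POSTROUTING rewrites the source of outgoing LAN traffic ----
    $ipt -t nat -F
    $ipt -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN_IF" -j MASQUERADE

    # ---- mangle table: PREROUTING alters packets as they arrive ----
    $ipt -t mangle -F
    # Mark SSH packets so a routing policy or QoS class can recognise them.
    $ipt -t mangle -A PREROUTING -p tcp --dport 22 -j MARK --set-mark 1
}

if [ "${APPLY:-0}" = "1" ]; then
    build_firewall iptables
else
    build_firewall "echo iptables"
fi
```

Because the script flushes the filter table before re-adding rules, an existing DROP policy on INPUT will cut off an SSH session part way through; run it from the console, or wrap it in a timed rollback, when working remotely. The placement of the LOG rule directly before the final DROP is what makes every rejected packet visible in the kernel log.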

Read More…

Setting Up Arno’s Firewall 2

April 30, 2008 Linux Security | Comments (0) admin @ 7:13 pm

You can download the installation file from http://rocky.molphys.leidenuniv.nl/page/iptables/download.htm. Download the file arno-iptables-firewall-1.8.2a-stable.tgz.

Download and Installing

Next, create a directory named "arno" at the root of the filesystem. Log in as root and run:

[root@test root]#cd ..
[root@test /]#mkdir arno

Untar the downloaded file into the /arno/ directory. Change to /arno (the downloaded file must already be stored there) and run:

[root@test /]#cd arno
[root@test arno]#tar -zxvf arno-iptables-firewall-1.8.2a-stable.tgz

This leaves 10 files in the directory. Next, delete the arno-iptables-firewall-1.8.2a-stable.tgz archive:

[root@test arno]#rm arno-iptables-firewall-1.8.2a-stable.tgz

Among the files are the two you need for setup: the firewall script rc.iptables and its configuration file iptables-firewall.conf.

Change the owner of all files to root with the following command:

[root@test root]#chown -R root /arno

Note that this sets only the owning user; when root extracts an archive, tar keeps the group stored in it, so chown -R root:root /arno is the safer form. Then restrict the permissions on the two files so that only root can run the script or read the configuration (the configuration file describes your firewall policy, which local users have no need to see):

[root@test root]#chmod 700 /arno/rc.iptables
[root@test root]#chmod 600 /arno/iptables-firewall.conf

Check the result with ls -l /arno before going further.
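The same procedure as one script, added here as an example rather than taken from the post, with a verification step that checks the final ownership and mode of the two sensitive files instead of assuming the commands worked. It assumes GNU coreutils stat (-c) and an archive that unpacks its files directly into the target directory, as the post describes for the 1.8.2a tarball; the owner defaults to root but can be passed as a third argument so the functions can be exercised without root privileges.

```shell
#!/bin/sh
# Added example (not from the original post): unpack the Arno firewall
# tarball into a directory, lock down ownership and permissions, then
# verify the result. Assumes GNU coreutils stat (-c). The owner argument
# defaults to root; any other user name is only for testing without root.

# verify_file PATH MODE OWNER: succeed only if PATH exists with exactly
# that octal mode and that owning user.
verify_file() {
    f="$1"; want_mode="$2"; want_owner="$3"
    if [ ! -e "$f" ]; then
        echo "missing: $f" >&2
        return 1
    fi
    got=$(stat -c '%a %U' "$f") || return 1
    if [ "$got" != "$want_mode $want_owner" ]; then
        echo "bad permissions on $f: have '$got', want '$want_mode $want_owner'" >&2
        return 1
    fi
    return 0
}

# install_arno TARBALL DESTDIR [OWNER]
install_arno() {
    tarball="$1"; dest="$2"; owner="${3:-root}"
    [ -f "$tarball" ] || { echo "no such tarball: $tarball" >&2; return 1; }
    mkdir -p "$dest" || return 1
    # -C extracts into DESTDIR, so the tarball itself never lands there
    # and the post's separate rm step is not needed.
    tar -xzf "$tarball" -C "$dest" || return 1
    # owner:group, not just owner: tar run as root keeps the group
    # recorded in the archive otherwise.
    chown -R "$owner:$(id -gn "$owner")" "$dest" || return 1
    # Only the owner may read or run the script, and only the owner
    # may read the policy.
    chmod 700 "$dest/rc.iptables" || return 1
    chmod 600 "$dest/iptables-firewall.conf" || return 1
    # Confirm rather than assume.
    verify_file "$dest/rc.iptables" 700 "$owner" &&
    verify_file "$dest/iptables-firewall.conf" 600 "$owner"
}

# Usage as a script: install_arno.sh TARBALL DESTDIR [OWNER]
if [ "$#" -ge 2 ]; then
    install_arno "$@"
fi
```

Run as root with the downloaded archive and /arno as the two arguments; a non-zero exit means one of the steps, or the final check, failed, and the message on stderr says which file is wrong.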

Read More…