Iptables

(Redirected from Iptables)

net-firewall/iptables


Source Repository:Repository:Gentoo Portage Tree

http://www.netfilter.org/projects/iptables/

Summary: Linux kernel (2.4+) firewall, NAT and packet mangling tools

Use Flags

conntrack
Build against net-libs/libnetfilter_conntrack when enables the connlabel matcher
netlink
Build against libnfnetlink which enables the nfnl_osf util
pcap
Build against net-libs/libpcap which enables the nfbpf_compile util

News

Drobbins

IP Space Migration Continues

All Funtoo user containers in the 8.28 IP space will be moving into our new IP space (172.97) over the next few days. If you have DNS set up -- be sure to watch your container and update to the new IP! container.host.funtoo.org DNS will be updated after the move.
2015-08-27 by Drobbins
Drobbins

Funtoo Hosting IP Move

Funtoo user containers with IPs in the 72.18.x.x range will be gradually migrating to new IP addresses this week. If you have DNS entries for your containers, please be aware that your DNS will need to be updated.
2015-08-11 by Drobbins
Drobbins

New ARM Stages

New ARM Stages, built with a new toolchain, are now hitting mirrors. Existing ARM users should re-install using these stages (dated Aug 3, 2015 or later,) rather than upgrade using emerge.
2015-08-06 by Drobbins
More...

Iptables

Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

iptables is a program used to configure and manage the kernels netfilter modules.

Installation

Kernel Settings

Under Netfilter--> set to all modules--> or all y--> prefer modules.:

-> Networking support
     -> Networking options     
       -> Network packet filtering framework (Netfilter)

Emerge

# emerge iptables

First Run

For some services such as sshguard & Fail2ban you need a generic running firewall. We will save a blank firewall rule set and start the firewall.

ipv4

# rc-service iptables save
# rc-service iptables start

to start upon reboot

# rc-update add iptables default

ipv6

# rc-service ip6tables save
# rc-service ip6tables start

To make the service start upon system reboot, run:

# rc-update add ip6tables default

Show firewall Rules & Status

ipv4

# iptables -L -n

ipv6

# ip6tables -L -n