From 508e0b6bd875435547a08e9d3a180bea8141bca8 Mon Sep 17 00:00:00 2001 From: Andres Hermosilla Date: Thu, 20 Jul 2017 11:43:19 -0700 Subject: [PATCH] Added info on modules to iptables --- itables-nft.md | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/itables-nft.md b/itables-nft.md index 9c48c75..c0862a3 100644 --- a/itables-nft.md +++ b/itables-nft.md @@ -4,6 +4,9 @@ Below are the names of the tables that rules are associated with. On web services you will typically only interact with the filter table. +**List tables** +`ls /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter | grep -Po '(?<=iptable_)[a-z]+'` + - filter - nat - mangle @@ -20,6 +23,21 @@ will typically only interact with the filter table. `sudo iptables-save` +## Modules & Extensions +http://ipset.netfilter.org/iptables-extensions.man.html + +**List Extensions etc** +`sudo ls /lib/modules/$(uname -r)/kernel/net/netfilter/` + +**List modules** +`sudo ls /lib/modules/$(uname -r)/kernel/net/netfilter/xt_* | grep -oP '(?<=xt_)([a-z]+)'` + +**Find directory of modules** +`ls $(iptables -m xyz -h 2>&1 | grep -oP '(?<=:)([a-z0-9\/_\-\.]+)' | xargs dirname)` + +**Get Help on module** +`iptables -m conntrack -h` + ## Throttling, Rate Limiting - https://www.rackaid.com/blog/how-to-block-ssh-brute-force-attacks/ - https://thelowedown.wordpress.com/2008/07/03/iptables-how-to-use-the-limits-module/ 
@@ -38,4 +56,6 @@ will typically only interact with the filter table. - https://www.tecmint.com/linux-iptables-firewall-rules-examples-commands/ - https://wiki.archlinux.org/index.php/simple_stateful_firewall#Tricking_port_scanners - https://wiki.archlinux.org/index.php/Sysctl#TCP.2FIP_stack_hardening -- https://danielmiessler.com/study/iptables/ \ No newline at end of file +- https://danielmiessler.com/study/iptables/ +- https://strongarm.io/blog/linux-firewall-performance-testing/ +- https://www.tummy.com/blogs/2005/07/17/some-iptables-modules-you-probably-dont-know-about/ \ No newline at end of file
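Review bot: In the first hunk, the "List tables" one-liner lists the `iptable_*` module files installed for the running kernel under `net/ipv4/netfilter`, not the tables that are actually loaded or in use, so the label overstates what the command shows. A table built into the kernel rather than shipped as a module would not appear at all. Suggest renaming the label to something like "List available table modules (IPv4)". The two added lines also sit between the sentence ending "you will typically only interact with the filter table." and the bullet list it introduces, and there is no blank line between the bold label and the command, so Markdown will render them as one paragraph. Moving the block below the list and putting the command on its own paragraph would keep the list attached to its introduction.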
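Review bot: In the "Modules & Extensions" hunk, the "List modules" pattern `(?<=xt_)([a-z]+)` matches lowercase letters only, so any module name containing digits or uppercase letters is truncated or dropped from the output; widening the class to `[A-Za-z0-9_]+` avoids that. The two `sudo ls` commands only read a directory under `/lib/modules`, which does not normally need root, so `sudo` can be dropped (the neighbouring `ls $(iptables -m xyz -h ...)` line already runs unprivileged). "Find directory of modules" works by scraping a path out of the error that `iptables -m xyz -h` prints for a nonexistent match; that wording is not a stable interface, so add a sentence explaining the trick and what to expect when nothing is printed. The bare `http://` link directly under the heading would also read better with link text and a blank line after the heading.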
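Review bot: In the links hunk, the last added line (the tummy.com URL) is still followed by "\ No newline at end of file", so the next append will again show the previous entry as removed and re-added, as happened here with the danielmiessler.com line. End the file with a newline. The two new links also go beyond the commit subject "Added info on modules to iptables" (the strongarm.io one is about performance testing), so either mention them in the message or split them into their own commit.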