User`s manual
IA260-261-262 EM-2260 LX User’s Manual Managing Communications
Examples:
Example 1: Accept all packets from lo interface.
# iptables –A INPUT –i lo –j ACCEPT
Example 2: Accept TCP packets from 192.168.0.1.
# iptables –A INPUT –i eth0 –p tcp –s 192.168.0.1 –j ACCEPT
Example 3: Accept TCP packets from Class C network 192.168.1.0/24.
# iptables –A INPUT –i eth0 –p tcp –s 192.168.1.0/24 –j ACCEPT
Example 4: Drop TCP packets from 192.168.1.25.
# iptables –A INPUT –i eth0 –p tcp –s 192.168.1.25 –j DROP
Example 5: Drop TCP packets addressed for port 21.
# iptables –A INPUT –i eth0 –p tcp --dport 21 –j DROP
Example 6: Accept TCP packets from 192.168.0.24 to IA260/IA261/IA262/EM-2260’s port 137,
138, 139
# iptables –A INPUT –i eth0 –p tcp –s 192.168.0.24 --dport 137:139 –j ACCEPT
Example 7: Log TCP packets that visit IA260/IA261/IA262/EM-2260’s port 25.
# iptables –A INPUT –i eth0 –p tcp --dport 25 –j LOG
Example 8: Drop all packets from MAC address 01:02:03:04:05:06.
# iptables –A INPUT –i eth0 –p all –m mac –mac-source 01:02:03:04:05:06 –j DROP
NOTE: In Example 8, remember to issue the command
#modprobe ipt_mac
first to load module
ipt_mac.
NAT
NAT (Network Address Translation) protocol translates IP addresses used on one network to
different IP addresses used on another network. One network is designated the inside network and
the other designated the outside network. Typically, the IA260/IA261/IA262/EM-2260 connects
several devices on a network and maps local inside network addresses to one or more global
outside IP addresses, and un-maps the global IP addresses on incoming packets back into local IP
addresses.
NOTE Click on the following link for more information about iptables and NAT:
http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO.html
4-11