The default rule is executed. This can be an ACCEPT (which will allow all packets) or DROP (which will reject all packets). The default rule should be set for all 3 chains (INPUT, OUTPUT, and FORWARD).
How do you list all rules?
If you are going to clear all rules, what must you do first?
Set the default input policy to accept all?
How do you set the default input policy to accept all packets?
iptables -P INPUT ACCEPT. If you are flushing all rules over SSH, you must set this to the default input policy. Otherwise you will be locked out.
How do you flush all rules?
Explain "iptables -A INPUT -i lo -j ACCEPT"
Append (-A) an INPUT rule that allows (ACCEPT) all incoming packets on the loopback (lo) interface (-i).
Explain "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
For all incoming packets that are a part of an established or related connection (ie, NOT NEW), accept them
What rule would allow you to work over SSH?
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
How do you set the default input policy to reject all packets?
iptables -P INPUT DROP
Explain "iptables -P FORWARD DROP"
Drop all packets to be forwarded. Only used if computer is being used as a router.
Explain "iptables -P OUTPUT ACCEPT"
Allow all outgoing packets
How do you save rules after making changes?
service iptables save
What flag allows filtering for a single IP address?
What are the 3 IP formats that the -s flag accepts?
single IP address, CIDR, or netmask.
What flags allow for mac filtering
-m (module) mac --mac-source MAC_ADDRESS
Before you accept or reject a specific port, what must you do first?
Define the protocol (tcp, udp, icmp, all) using the -p option