{"id":6965,"date":"2019-04-30T00:24:46","date_gmt":"2019-04-30T04:24:46","guid":{"rendered":"https:\/\/extassisnetwork.com\/tutoriales\/?p=6965"},"modified":"2019-06-18T02:40:33","modified_gmt":"2019-06-18T06:40:33","slug":"como-instalar-iptables-en-centos7","status":"publish","type":"post","link":"https:\/\/extassisnetwork.com\/tutoriales\/como-instalar-iptables-en-centos7\/","title":{"rendered":"C\u00f3mo instalar Iptables en CentOS 7"},"content":{"rendered":"<p>A partir de <strong>CentOS 7<\/strong>, <strong>FirewallD<\/strong> reemplaza iptables como la herramienta de administraci\u00f3n de firewall predeterminada.<\/p>\n<p>FirewallD es una soluci\u00f3n completa de firewall que se puede controlar con una utilidad de l\u00ednea de comandos llamada firewall-cmd. Si se siente m\u00e1s c\u00f3modo con la sintaxis de la l\u00ednea de comandos de Iptables, entonces puede desactivar FirewallD y volver a la configuraci\u00f3n cl\u00e1sica de iptables.<\/p>\n<p>Este tutorial le mostrar\u00e1 c\u00f3mo deshabilitar el servicio FirewallD e instalar iptables.<\/p>\n<p>Antes de comenzar con el tutorial, aseg\u00farese de iniciar sesi\u00f3n como usuario con privilegios sudo .<\/p>\n<h3>Desactivar FirewallD<\/h3>\n<p>Para deshabilitar FirewallD en su sistema CentOS 7 , siga estos pasos:<\/p>\n<p>Escriba el siguiente comando para detener el servicio FirewallD:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma console-bash\"><code class=\"language-console-bash\" data-lang=\"console-bash\"><span class=\"line\">sudo systemctl stop firewalld<\/span><\/code><\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p>Desactive el servicio FirewallD para que se inicie autom\u00e1ticamente al iniciar el sistema:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma console-bash\"><code class=\"language-console-bash\" data-lang=\"console-bash\"><span class=\"line\">sudo systemctl disable firewalld<\/span><\/code><\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p>Enmascare el servicio FirewallD para evitar que otros servicios lo inicien:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma console-bash\"><code class=\"language-console-bash\" data-lang=\"console-bash\"><span class=\"line\">sudo systemctl mask --now firewalld<\/span><\/code><\/pre>\n<\/div>\n<h2><\/h2>\n<h2 class=\"w-full relative\">Instalar y habilitar iptables<\/h2>\n<p>Realice los siguientes pasos para instalar Iptables en un sistema CentOS 7:<\/p>\n<p>Ejecute el siguiente comando para instalar el paquete <code>iptables-service<\/code>\u00a0desde los repositorios de CentOS:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma console-bash\"><code class=\"language-console-bash\" data-lang=\"console-bash\"><span class=\"line\">sudo yum install iptables-services<\/span><\/code><\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p>Una vez que el paquete est\u00e9 instalado inicie el servicio de Iptables:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma console-bash\"><code class=\"language-console-bash\" data-lang=\"console-bash\"><span class=\"line\">sudo systemctl start iptables<\/span><span class=\"line\">sudo systemctl start iptables6<\/span><\/code><\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p>Habilite el servicio de Iptables para que se inicie autom\u00e1ticamente en el inicio del sistema:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma console-bash\"><code class=\"language-console-bash\" data-lang=\"console-bash\"><span class=\"line\">sudo systemctl enable iptables<\/span><span class=\"line\">sudo systemctl enable iptables6<\/span><\/code><\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p>Verifique el estado del servicio de iptables con:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma console-bash\"><code class=\"language-console-bash\" data-lang=\"console-bash\"><span class=\"line\">sudo systemctl status iptables<\/span><span class=\"line\">sudo systemctl status iptables6<\/span><\/code><\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p>Para poder verificar las reglas actuales de iptables usa los siguientes comandos:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma console-bash\"><code class=\"language-console-bash\" data-lang=\"console-bash\"><span class=\"line\">sudo iptables -nvL<\/span><span class=\"line\">sudo iptables6 -nvL<\/span><\/code><\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p>Por defecto solo el puerto SSH 22 est\u00e1 abierto.\u00a0La salida debe verse algo como esto:<\/p>\n<div class=\"highlight\">\n<pre class=\"chroma\"><code class=\"language-output\" data-lang=\"output\">Chain INPUT (policy ACCEPT 0 packets, 0 bytes)\r\n pkts bytes target     prot opt in     out     source               destination         \r\n 5400 6736K ACCEPT     all  --  *      *       0.0.0.0\/0            0.0.0.0\/0            state RELATED,ESTABLISHED\r\n    0     0 ACCEPT     icmp --  *      *       0.0.0.0\/0            0.0.0.0\/0           \r\n    2   148 ACCEPT     all  --  lo     *       0.0.0.0\/0            0.0.0.0\/0           \r\n    3   180 ACCEPT     tcp  --  *      *       0.0.0.0\/0            0.0.0.0\/0            state NEW tcp dpt:22\r\n    0     0 REJECT     all  --  *      *       0.0.0.0\/0            0.0.0.0\/0            reject-with icmp-host-prohibited\r\n\r\nChain FORWARD (policy ACCEPT 0 packets, 0 bytes)\r\n pkts bytes target     prot opt in     out     source               destination         \r\n    0     0 REJECT     all  --  *      *       0.0.0.0\/0            0.0.0.0\/0            reject-with icmp-host-prohibited\r\n\r\nChain OUTPUT (policy ACCEPT 4298 packets, 295K bytes)\r\n pkts bytes target     prot opt in     out     source               destination     \r\n<\/code><\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p>En este punto, ha habilitado correctamente el servicio de iptables y puede comenzar a construir su firewall.\u00a0Los cambios persistir\u00e1n despu\u00e9s de un reinicio.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A partir de CentOS 7, FirewallD reemplaza iptables como la herramienta de administraci\u00f3n de firewall predeterminada. FirewallD es una soluci\u00f3n completa de firewall que se puede controlar con una utilidad de l\u00ednea de comandos llamada firewall-cmd. Si se siente m\u00e1s c\u00f3modo con la sintaxis de la l\u00ednea de comandos de Iptables, entonces puede desactivar FirewallD [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6973,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[38],"tags":[184,213,183],"class_list":{"0":"post-6965","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-linux","8":"tag-centos-7","9":"tag-firewalld","10":"tag-iptables"},"_links":{"self":[{"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/posts\/6965","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/comments?post=6965"}],"version-history":[{"count":0,"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/posts\/6965\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/media\/6973"}],"wp:attachment":[{"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/media?parent=6965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/categories?post=6965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/extassisnetwork.com\/tutoriales\/wp-json\/wp\/v2\/tags?post=6965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}