Blog

Mastering Linux Firewall: IPTables Setup & Commands Guide

When setting up a firewall in Linux, it’s essential to understand the basics of how it functions and the commands involved in configuring it. The guide below provides insights into the working of the Linux firewall and the fundamental commands to establish and manage rules using IPTables.

What is a Firewall?

A firewall acts as a network security system regulating the traffic based on predefined rules. Positioned between the device and the internet, it filters and manages the incoming and outgoing traffic.

Understanding How the Firewall in Linux Works

Most Linux distributions come equipped with IPTables, the default tool for configuring the firewall. IPTables manages and inspects the IPv4 and IPv6 packet filter rules within the Linux Kernel.

Chains in IPTables:

Chains in IPTables are sets of rules categorized by their specific tasks. There are three primary chains:

  1. INPUT Chains: Deals with incoming traffic to the local machine.
  2. OUTPUT Chains: Handles outgoing traffic from the local machine.
  3. FORWARD Chain: Manages traffic moving between different networks.

Different Actions:

IPTables can perform three actions on the traffic:

  1. ACCEPT: Allows the traffic to pass through.
  2. DROP: Blocks the traffic.
  3. REJECT: Blocks the traffic and sends a rejection message to the sender.

Essential IPTables Commands:

Listing Current Rules:

sudo iptables -L

Clearing Existing Rules:

sudo iptables -F

Changing Default Chain Policies:

sudo iptables -P Chain_name Action_to_be_taken

Implementing Rules:

sudo iptables -A/-I chain_name -s source_ip -j action_to_take

Deleting a Rule:

sudo iptables -D chain_name rule_number

Saving Configurations:

sudo invoke-rc.d iptables-persistent save

The tutorial explains how to list, clear, change policies, implement, delete rules, and save configurations using IPTables.

For instance, creating a rule to block traffic from a specific IP address:

sudo iptables -A INPUT -s 192.168.1.3 -j DROP

Also, setting up an ACCEPT rule to allow traffic to a particular port from a defined IP:

sudo iptables -I INPUT -s 192.168.1.3 -p tcp --dport 22 -j ACCEPT

The guide emphasizes the importance of the sequence in rule application and advises on saving configurations to prevent data loss on servers.

This summary provides key commands necessary to create and manage a firewall on your system. For more advanced actions and configurations, further exploration and experimentation are encouraged.

Categories
Recent Posts

© 2024 Cloudfrik. All rights reserved | Telegram

Scroll to Top