In the article "What is a firewall?", we discussed what a firewall is and how it works. In this article, we will discuss how to configure an iptables firewall on a Linux system.
What is an iptables firewall?
iptables is a command-line utility that can be used to configure the firewall in Linux. iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. There can be several tables for different users in a Linux system. When an IP packet comes to the system, goes out of the system, or gets forwarded, iptables checks a set of predefined rules and takes action.
This utility usually comes pre-installed with Linux distributions. If not, you can install the iptables package easily.
# sudo apt-get install iptables
How to configure the iptables firewall on Linux?
iptables uses three different chains to which it can apply firewall rules:
INPUT – This chain is used for all the input packets. For example, when a user attempts to ssh to your system, the input chain will be checked by iptables for matching rules.
OUTPUT – This chain is meant for output IP packets. For example, when your system sends an IP packet to other IP addresses, this chain is checked for a set of rules.
FORWARD – This chain is mainly used for routers. When an IP packet is not locally delivered but is destined for some other IP address, this chain is checked for a set of rules.
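The chain selection described above, together with one default policy per chain, as an added example (not code from the original article): `chain_for` models which chain a packet is checked against on a host with a single address, and `build_ruleset` prints a filter-table ruleset in iptables-restore format. The function names, the `APPLY` and `SSH_PORT` variables and the policy choices (drop inbound and forwarded traffic, allow SSH) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Names and policies are assumptions.

# Print the built-in chain a packet is checked against, for a host that
# owns exactly one address (a simplification): chain_for LOCAL_IP SRC DST
chain_for() {
    local_ip="$1"; src="$2"; dst="$3"
    if [ "$dst" = "$local_ip" ]; then echo INPUT        # delivered locally
    elif [ "$src" = "$local_ip" ]; then echo OUTPUT     # generated locally
    else echo FORWARD                                   # routed through the host
    fi
}

# Print a ruleset for the filter table: default-drop on INPUT and FORWARD,
# default-accept on OUTPUT, with loopback, reply traffic and SSH allowed in.
build_ruleset() {
    ssh_port="${1:-22}"
    case "$ssh_port" in
        ''|*[!0-9]*) echo "invalid port: $ssh_port" >&2; return 1 ;;
    esac
    if [ "$ssh_port" -lt 1 ] || [ "$ssh_port" -gt 65535 ]; then
        echo "invalid port: $ssh_port" >&2; return 1
    fi
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport $ssh_port -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Nothing is changed unless APPLY=1 is set and the script runs as root.
# iptables-restore replaces the current contents of the filter table, so the
# ruleset is parsed with --test first and loaded only if that succeeds.
if [ "${APPLY:-0}" = 1 ]; then
    build_ruleset "${SSH_PORT:-22}" | iptables-restore --test &&
    build_ruleset "${SSH_PORT:-22}" | iptables-restore
fi
```

Rules in a chain are evaluated in order and the chain policy applies only when no rule matches, which is why the ACCEPT rules can sit under a DROP policy.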
Enable iptables
You can run the following command to check whether iptables is already enabled on the Linux system.
# sudo service ufw status
If it is not enabled, you can enable it with the following command:
# sudo ufw enable
You can also check the default policy. By default, usually, all the IP packets are …