Configuring iptables

What is iptables?

iptables is a powerful firewall tool for Linux and is the firewall pre-installed in most Linux distributions, including Ubuntu, CentOS, and Fedora. It manages network security by filtering incoming and outgoing network traffic according to rules you specify, letting you configure the firewall and control access to your system.

Why use iptables?

iptables is an important tool for protecting your system from potential security threats and controlling access to it. With iptables, you can:

  • Block incoming traffic from specified IP addresses or networks
  • Control outgoing traffic to the internet
  • Block access to specific services, such as SSH or HTTP
  • Enable forwarding of traffic between different network interfaces
  • Limit the rate of incoming or outgoing traffic

Getting Started with iptables

Before we start configuring iptables, it’s important to understand the basic structure of iptables. The iptables firewall consists of several tables, chains, and rules.

Tables

iptables has three different tables, each with its own purpose. These tables are:

  • Filter: This is the default table and is used for filtering incoming and outgoing packets.
  • NAT: This table is used for Network Address Translation (NAT). NAT is a technique used to map one IP address space into another by modifying the network address information in the IP header while the packet is in transit across a traffic-forwarding device.
  • Mangle: This table is used for special purpose packet alteration.

Chains

Each table has several chains that define the behavior of incoming or outgoing packets. There are three built-in chains in the Filter table:

  • INPUT: This chain is used for incoming packets to the system.
  • OUTPUT: This chain is used for outgoing packets from the system.
  • FORWARD: This chain is used for packets that are being forwarded through the system.

Rules

Each chain has several rules that determine what happens to incoming or outgoing packets. A rule can either accept a packet (ALLOW), drop a packet (DENY), or pass the packet to the next rule for further processing (RETURN).

How to Configure iptables

The following are some common use cases for configuring iptables, along with the corresponding iptables commands.

Allow incoming SSH traffic

If you want to allow incoming SSH traffic, you need to add a rule to the INPUT chain to allow incoming packets on port 22.

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Allow incoming HTTP traffic

If you want to allow incoming HTTP traffic, you need to add a rule to the INPUT chain to allow incoming packets on port 80.

iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Allow incoming HTTPS traffic

If you want to allow incoming HTTPS traffic, you need to add a rule to the INPUT chain to allow incoming packets on port 443.

iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Block incoming traffic from a specific IP address

If you want to block incoming traffic from a specific IP address, you need to add a rule to the INPUT chain to drop incoming packets from that IP address.

iptables -A INPUT -s IP_ADDRESS -j DROP

Block incoming traffic from a specific network

If you want to block incoming traffic from a specific network, you need to add a rule to the INPUT chain to drop incoming packets from that network.

iptables -A INPUT -s NETWORK_ADDRESS -j DROP

Allow outgoing traffic to the internet

By default, all outgoing traffic is allowed. However, if you want to be more specific about the types of traffic you want to allow, you can add rules to the OUTPUT chain. For example, if you want to allow all outgoing traffic to the internet, you can use the following command:

iptables -A OUTPUT -j ACCEPT

Block outgoing traffic to a specific IP address

If you want to block outgoing traffic to a specific IP address, you can add a rule to the OUTPUT chain to drop outgoing packets to that IP address.

iptables -A OUTPUT -d IP_ADDRESS -j DROP

Block outgoing traffic to a specific network

If you want to block outgoing traffic to a specific network, you can add a rule to the OUTPUT chain to drop outgoing packets to that network.

iptables -A OUTPUT -d NETWORK_ADDRESS -j DROP

Limit the rate of incoming traffic

If you want to limit the rate of incoming traffic, you can use the iptables rate limiting feature. This feature allows you to limit the number of incoming packets to a specified rate. For example, if you want to limit the incoming rate to 100 packets per second, you can use the following command:

iptables -A INPUT -p tcp --dport 80 -m limit --limit 100/s -j ACCEPT

Limit the rate of outgoing traffic

If you want to limit the rate of outgoing traffic, you can use the iptables rate limiting feature. This feature allows you to limit the number of outgoing packets to a specified rate. For example, if you want to limit the outgoing rate to 100 packets per second, you can use the following command:

iptables -A OUTPUT -p tcp --dport 80 -m limit --limit 100/s -j ACCEPT

Saving iptables Rules

It’s important to save your iptables rules so they persist after a reboot. You can save your rules using the following command:

iptables-save > /etc/iptables.rules

This will save the current iptables rules to the /etc/iptables.rules file. To load the rules after a reboot, you can use the following command:

iptables-restore < /etc/iptables.rules
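Each command above appends one rule, so the order in which they are run decides what matches first, and the rate-limit rule on its own simply lets packets over the limit fall through to whatever rule comes next. The script below, an added example that is not part of the original article, generates a single file in the format that iptables-save writes and iptables-restore reads, combining the use cases above into one ordered ruleset with a default-deny INPUT policy; the addresses 203.0.113.0/24 (admin network for SSH) and 198.51.100.7 (host to block) are constructed sample values, and the output path under /tmp is an assumption.

```shell
#!/bin/sh
# Added example: build an iptables-restore file that combines the article's
# use cases into one coherent ruleset. Sample values are constructed:
# 203.0.113.0/24 is the assumed admin network, 198.51.100.7 an assumed host to block.
set -eu
ALLOWED_SSH_NET="203.0.113.0/24"
BLOCKED_HOST="198.51.100.7"
RULES_FILE="${1:-${TMPDIR:-/tmp}/iptables.rules}"   # generation needs no root; loading does

build_ruleset() {
  cat <<'EOF'
*filter
# Default policies: drop unsolicited inbound, forward nothing, leave outbound open
# (the article notes outgoing traffic is allowed by default).
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Rules match top to bottom, first match wins: loopback and replies to
# connections this host opened go first so later DROP rules cannot break them.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
EOF
  # A blocked source must precede any ACCEPT rule that could match it.
  printf '%s\n' "-A INPUT -s $BLOCKED_HOST -j DROP"
  printf '%s\n' "-A INPUT -p tcp -s $ALLOWED_SSH_NET --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
  cat <<'EOF'
# A limit match that jumps to ACCEPT only accepts packets under the limit; the
# excess falls through to the next rule, so an explicit DROP must follow it.
-A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -m limit --limit 100/s --limit-burst 200 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j DROP
COMMIT
EOF
}

# Structural checks on the generated file; returns 1 if an ordering mistake slipped in.
check_ruleset() {
  f="$1"
  grep -q '^\*filter$' "$f" && grep -q '^COMMIT$' "$f" || return 1
  # the rate-limit ACCEPT needs its fall-through DROP
  grep -q -- '--limit 100/s' "$f" && grep -q -- '--dports 80,443 .* -j DROP' "$f" || return 1
  # the blocked host's DROP must sit above the SSH ACCEPT
  drop_line=$(grep -n -- "-s $BLOCKED_HOST -j DROP" "$f" | cut -d: -f1)
  ssh_line=$(grep -n -- '--dport 22 .* -j ACCEPT' "$f" | cut -d: -f1)
  [ "$drop_line" -lt "$ssh_line" ]
}

build_ruleset > "$RULES_FILE"
check_ruleset "$RULES_FILE" && echo "wrote $RULES_FILE; apply with: iptables-restore < $RULES_FILE"
```

Review the generated file before loading it on a remote host: a default-deny INPUT policy without the SSH rule above it will lock you out.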

Conclusion

iptables is a powerful tool for managing network security on Linux systems. With its ability to filter incoming and outgoing traffic, control access to services, and limit traffic rates, iptables is a valuable tool for protecting your system from potential security threats. By following the examples and use cases in this article, you can easily configure iptables to meet your specific needs.
