Iptables tutorial: securing VPS with Linux firewall

Iptables is a firewall program for Linux

  1. What is Iptables?
  2. How does iptables work?
  3. How to install and use iptables Linux firewall
    Install iptables
    Define chain rules
    Persist changes

Iptables is a user-space tool for configuring the Linux kernel's built-in packet filter (netfilter). Every packet entering, leaving or passing through your server is checked against rules that are organised into tables. Each table holds one or more chains, and each chain is an ordered list of rules that decides whether a packet is accepted, dropped or rejected.

  • Tables group rules by purpose: packet filtering, address translation, header modification, and so on.
  • A chain is an ordered list of rules. The filter table's three built-in chains are INPUT, OUTPUT and FORWARD. A packet is checked against a chain's rules from top to bottom and the first matching rule decides; if no rule matches, the chain's default policy applies.
  • Rules. An iptables rule pairs match criteria (such as protocol, port or source address) with a target, and together the rules control which incoming and outgoing traffic the system allows.
  • Targets. A target is the decision applied to a matching packet: it is accepted, dropped, or rejected.

Step 1: Chains and Tables

iptables operates using tables and chains:

Tables

iptables has four commonly used tables, each with its own set of chains:

  • Filter – the default table, used for packet filtering (ACCEPT, DROP, REJECT). Commands that do not name a table with -t act on it.
  • NAT – network address translation. Used for packets whose source or destination address must be rewritten (SNAT, DNAT, MASQUERADE).
  • Mangle – modifies packet headers and kernel-side packet marks (for example the TTL or TOS fields).
  • Raw – consulted before connection tracking; used to mark packets that should be exempt from it (the NOTRACK target).

A fifth table, security, holds mandatory access control (SELinux) rules and is rarely edited by hand.

Chain

In this iptables tutorial we work with the default table, filter. It has three built-in chains:

  • INPUT – packets addressed to the server itself.
  • FORWARD – packets that arrive on one interface and are routed out through another. They pass through the server without being addressed to it, so they never traverse INPUT or OUTPUT.
  • OUTPUT – packets generated by processes running on the server.

Match criteria:

Each rule lists one or more conditions, and a packet must satisfy all of them for the rule to apply. Common matches are:

  • Source/destination IP address (-s, -d)
  • Protocol (-p tcp, udp or icmp)
  • Port numbers (--sport, --dport; valid only together with -p tcp or -p udp)
  • Interfaces (-i for the interface a packet arrived on, -o for the one it leaves by)
  • Connection state (-m conntrack --ctstate NEW, ESTABLISHED, RELATED or INVALID)

Targets:

The target (given with -j) tells iptables what to do with a packet that satisfies every match criterion of the rule. For ACCEPT, DROP and REJECT the packet's journey through that chain ends there.

  • ACCEPT – let the packet through.
  • DROP – discard the packet silently. The sender gets no reply and usually waits for a timeout.
  • REJECT – discard the packet and send an error back: by default an ICMP port-unreachable message, or a TCP RST with --reject-with tcp-reset.
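Putting the three pieces together (the filter table's INPUT chain, match criteria and targets) in one script is the clearest way to see how a rule set reads. The following is an added example written for this page, not code from the original tutorial: a POSIX shell helper that prints a deny-by-default INPUT ruleset in the format that iptables-restore reads, and applies and persists it only when explicitly asked. The port numbers (SSH on 2222, HTTP/HTTPS on 80 and 443), the APPLY_RULES and SSH_PORT variables, and the /etc/iptables/rules.v4 path (the file iptables-persistent loads at boot on Debian/Ubuntu) are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example for this page (not from the original tutorial): build a
# deny-by-default ruleset for the filter table's INPUT chain and print it
# in iptables-restore format. Nothing touches the kernel unless APPLY_RULES=1.
# Assumed for illustration: ports 2222/80/443, the APPLY_RULES and SSH_PORT
# variables, and /etc/iptables/rules.v4 (read by iptables-persistent on Debian/Ubuntu).
set -eu

# check_port N: succeed only if N is an integer in 1..65535.
check_port() {
    case "$1" in
        ''|*[!0-9]*) echo "invalid port: $1" >&2; return 1 ;;
    esac
    if [ "$1" -lt 1 ] || [ "$1" -gt 65535 ]; then
        echo "port out of range: $1" >&2
        return 1
    fi
}

# build_ruleset SSH_PORT [TCP_PORT ...]: print the filter table ruleset.
# Policy DROP on INPUT/FORWARD means "no rule matched" ends in a silent drop;
# the explicit REJECT rules at the end return errors instead for the common case.
build_ruleset() {
    ssh_port="$1"
    shift
    for p in "$ssh_port" "$@"; do
        check_port "$p" || return 1
    done
    printf '%s\n' \
        '*filter' \
        ':INPUT DROP [0:0]' \
        ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '# local processes talking to the server over loopback' \
        '-A INPUT -i lo -j ACCEPT' \
        '# replies to connections this host initiated, plus related traffic (ICMP errors)' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        '# packets that conntrack cannot associate with any connection' \
        '-A INPUT -m conntrack --ctstate INVALID -j DROP' \
        '# allow ping' \
        '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT'
    # New inbound TCP connections only on the chosen ports; --dport requires -p tcp.
    for p in "$ssh_port" "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    printf '%s\n' \
        '# everything else: fail fast (RST / port unreachable) instead of timing out' \
        '-A INPUT -p tcp -j REJECT --reject-with tcp-reset' \
        '-A INPUT -j REJECT --reject-with icmp-port-unreachable' \
        'COMMIT'
}

# Apply and persist only on explicit request, as root, after a parse-only test run.
if [ "${APPLY_RULES:-0}" = "1" ]; then
    [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; exit 1; }
    rules=$(mktemp)
    build_ruleset "${SSH_PORT:-2222}" 80 443 > "$rules"
    iptables-restore --test "$rules"                     # parse without committing
    iptables-restore "$rules"                            # replaces the filter table atomically
    install -D -m 600 "$rules" /etc/iptables/rules.v4    # reloaded at boot by iptables-persistent
    rm -f "$rules"
fi
```

Order matters: loopback and ESTABLISHED,RELATED are accepted before anything else, so applying this over an SSH session keeps the current connection alive, while the final two REJECT rules give clients a fast failure instead of a silent timeout on ports you did not open. Run `build_ruleset 2222 80 443` to inspect the output and let `iptables-restore --test` parse it before committing; keep an out-of-band console handy, because a typo in the SSH port still locks you out. IPv6 traffic is filtered by ip6tables with its own rule set and is not covered here.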

Step 2: How to Install and use iptables Linux firewall

iptables is installed by default on most Linux distributions. To confirm that
iptables is installed, run:
