Article preview image

Linux firewall configuration

Configuring a firewall is a critical aspect of securing a Linux server.

A well-configured firewall helps protect your server from unauthorized access and potential security threats by controlling incoming and outgoing network traffic. Here’s a guide on Linux firewall configuration for a Linux server firewall.

1. Understanding Firewall Basics:

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. On a Linux server, firewalls are typically managed using tools like iptables, nftables, or firewalld.

2. Using `iptables` for Firewall Configuration:

`iptables` is a powerful command-line tool for configuring the Linux kernel firewall. It allows you to define rules that filter network traffic. Here’s how to set up a basic firewall using `iptables`:

Install iptables:

sudo apt-get install iptables

Basic Commands:

View current rules:

sudo iptables -L

Allow SSH traffic (port 22):

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Allow HTTP traffic (port 80):

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Drop all other incoming traffic:

sudo iptables -A INPUT -j DROP

Save Rules:

To ensure the rules persist after a reboot, save them to a file:

sudo iptables-save > /etc/iptables/rules.v4

3. Using `firewalld` for Easier Management:

`firewalld` provides a higher-level interface for managing firewall rules and is often preferred for its ease of use and flexibility.

Install firewalld:

sudo apt-get install firewalld

Basic Commands:

Start and enable firewalld:

sudo systemctl start firewalld
sudo systemctl enable firewalld

Allow SSH traffic:

sudo firewall-cmd --permanent --add-service=ssh

Allow HTTP traffic:

sudo firewall-cmd --permanent --add-service=http

Reload the firewall to apply changes:

sudo firewall-cmd --reload

4. Using `nftables` for Advanced Configurations:

`nftables` is the successor to `iptables`, providing a unified framework for network packet filtering.

Install nftables:

sudo apt-get install nftables

Basic Configuration:

Create a configuration file (e.g., `/etc/nftables.conf`) with the following rules:

table inet filter {
chain input {
type filter hook input priority 0;
policy drop;
# Allow established and related connections
ct state established,related accept
# Allow loopback traffic
iif lo accept
# Allow SSH
tcp dport 22 accept
# Allow HTTP
tcp dport 80 accept

Apply the Configuration:

sudo nft -f /etc/nftables.conf

By following these steps, you can configure a robust Linux server firewall to protect your system. Whether you use iptables, firewalld, or nftables, understanding the fundamentals of Linux firewall configuration will help you secure your server against potential threats and unauthorized access.