
Iptables Tutorial: Securing VPS with Linux Firewall


What Is Iptables?
Iptables is a firewall program for Linux. It will monitor traffic from
and to your server using tables. These tables contain sets of rules,
called chains, that will filter incoming and outgoing data packets.

How Do Iptables Work

When a packet matches a rule, it is given a target, which can be
another chain or one of these special values:

• ACCEPT – will allow the packet to pass through.
• DROP – will not let the packet pass through.
• RETURN – stops the packet from traversing through a chain and
tells it to go back to the previous chain.

In this iptables tutorial, we are going to work with one of the default
tables, called filter. It consists of three chains:

• INPUT – controls incoming packets to the server.
• FORWARD – filters incoming packets that will be forwarded
somewhere else.
• OUTPUT – filters packets that are going out from your server.

Before we begin this guide, make sure you have SSH root or sudo
access to your machine that runs on Ubuntu 16.04 or up. You can
establish the connection through PuTTY (Windows) or a terminal
shell (Linux, macOS). If you own a Hostinger VPS, you can get the
SSH login details on the Servers tab of hPanel.

Important! iptables rules only apply to IPv4. If you want to set up a
firewall for the IPv6 protocol, you will need to use ip6tables instead.
How to Install and Use Iptables Linux Firewall
We will divide this iptables tutorial into three steps. First, you will
learn how to install the tool on Ubuntu. Secondly, we are going to
show you how to define the rules. Lastly, we will guide you to make
persistent changes in iptables.

1. Install Iptables
Iptables comes pre-installed in most Linux distributions. However,
if you don’t have it on your Ubuntu/Debian system by default, follow
the steps below:

1. Connect to your server via SSH. If you don’t know how, you can
read our SSH tutorial.

2. Execute the following commands one by one:

sudo apt-get update
sudo apt-get install iptables

3. Check the status of your current iptables configuration by
running:

sudo iptables -L -v

Here, the -L option is used to list all the rules, and -v is for
showing the info in a more detailed format. Below is the
example output:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

You will now have the Linux iptables firewall installed. At this point,
you can notice that all chains are set to ACCEPT and have no
rules. This is not secure since any packet can come through without
filtering.
Don’t worry. We’ll tell you how to define rules in the next step of
our iptables tutorial.
Filtering Packets Based on Source

Iptables allows you to filter packets based on an IP address or a
range of IP addresses. You need to specify it after the -s option.
For example, to accept packets from 192.168.1.3, the command
would be:

sudo iptables -A INPUT -s 192.168.1.3 -j ACCEPT

You can also reject packets from a specific IP address by replacing
the ACCEPT target with DROP:

sudo iptables -A INPUT -s 192.168.1.3 -j DROP

If you want to drop packets from a range of IP addresses, you have
to use the -m option and the iprange module. Then, specify the IP
address range with --src-range. Remember, a hyphen should
separate the two IP addresses of the range, without spaces, like this:

sudo iptables -A INPUT -m iprange --src-range 192.168.1.100-192.168.1.200 -j DROP
Dropping all Other Traffic

It is crucial to use the DROP target for all other traffic after
defining --dport rules. This will prevent an unauthorized connection
from accessing the server via other open ports. To achieve this,
simply type:

sudo iptables -A INPUT -j DROP

Now, connections outside the specified ports will be dropped.
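The reason the catch-all DROP must come last is that iptables stops at the first matching rule and -A always appends to the end of the chain, so any ACCEPT appended after "-A INPUT -j DROP" is never reached. The following shell script is an added example, not part of the tutorial or of Hostinger's material: build_ruleset prints a complete filter-table ruleset in the format read by iptables-restore, with every ACCEPT placed before the final DROP, and check_order reports whether any INPUT rule has been appended after the catch-all. The admin network and the service ports are constructed sample values; change them to match your server.

```shell
#!/bin/sh
# Added example (not from the tutorial): emit a complete INPUT ruleset in
# iptables-restore format, with the catch-all DROP placed last, and check
# that no rule was appended after it.

ADMIN_NET="192.168.1.0/24"   # constructed: network the SSH logins come from
SERVICE_PORTS="80 443"       # constructed: TCP ports the server should expose

# Print the ruleset. Order matters: iptables stops at the first matching
# rule, so every ACCEPT must come before the final "-A INPUT -j DROP".
build_ruleset() {
    printf '%s\n' '*filter'
    printf '%s\n' ':INPUT ACCEPT [0:0]'
    printf '%s\n' ':FORWARD ACCEPT [0:0]'
    printf '%s\n' ':OUTPUT ACCEPT [0:0]'
    # loopback, and replies to connections the server itself already has
    # (this also keeps the SSH session that loads the ruleset alive)
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # SSH only from the admin network; the listed service ports from anywhere
    printf '%s\n' "-A INPUT -p tcp -s $ADMIN_NET --dport 22 -j ACCEPT"
    for port in $SERVICE_PORTS; do
        printf '%s\n' "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    # catch-all: anything not accepted above is dropped
    printf '%s\n' '-A INPUT -j DROP'
    printf '%s\n' 'COMMIT'
}

# Read a ruleset on stdin. Exit 0 when no INPUT rule follows the catch-all
# DROP; exit 1 when one does, because such a rule can never match.
check_order() {
    awk '
        /^-A INPUT -j DROP$/ { seen_drop = 1; next }
        seen_drop && /^-A INPUT / { dead++ }
        END { exit (dead > 0) }
    '
}

# Usage on a live server (verify from a second SSH session before logging out):
#   build_ruleset | check_order && build_ruleset | sudo iptables-restore
```

Loading the whole ruleset through iptables-restore replaces the chain atomically, so the server is never left in the half-built state that a sequence of separate -A commands passes through. Keep in mind that sudo iptables -F removes the catch-all DROP along with everything else and, with the INPUT policy still at ACCEPT, leaves every port open again.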


Deleting Rules

If you want to remove all rules and start with a clean slate, you can
use the -F option (flush):

sudo iptables -F

This command erases all current rules. However, to delete a
specific rule, you must use the -D option. First, you need to see all
the available rules by entering the following command:

sudo iptables -L --line-numbers

You will get a list of rules with numbers:

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  192.168.0.4          anywhere
2    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
3    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
4    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh

To delete a rule, insert the corresponding chain and the number
from the list. Let’s say for this iptables tutorial, we want to get rid
of rule number three of the INPUT chain. The command should
be:

sudo iptables -D INPUT 3
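Deleting by number is easy to get wrong on a busy chain: the number has to be read off the current listing, and as soon as one rule is removed every rule below it moves up by one. The shell script below is an added example, not part of the tutorial: rule_numbers reads the output of "iptables -L INPUT --line-numbers" and prints the numbers of the rules whose line contains a given field (a port such as dpt:http, a target, or a source address), and delete_commands turns that into -D commands ordered from the highest number down so that a batch of deletions stays correct. The listing embedded in sample_listing is a constructed copy of the one shown above; on a live server pipe the real command output in instead.

```shell
#!/bin/sh
# Added example (not from the tutorial): find INPUT rule numbers in the
# output of "iptables -L INPUT --line-numbers" so that -D removes the
# intended rule, and order deletions so renumbering cannot shift the target.

# Constructed sample listing, copied from the tutorial's example output.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  192.168.0.4          anywhere
2    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
3    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
4    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
EOF
}

# Read a listing on stdin and print, one per line, the numbers of the rules
# that have a field exactly equal to $1. Header lines ("Chain ...", "num ...")
# have no numeric first field and are skipped. Exact field comparison is used
# so that "dpt:http" does not also match "dpt:https".
rule_numbers() {
    awk -v pat="$1" '
        $1 ~ /^[0-9]+$/ {
            for (i = 2; i <= NF; i++) if ($i == pat) { print $1; break }
        }'
}

# Print one "iptables -D INPUT N" command per matching rule, highest number
# first: deleting a rule renumbers the ones below it, so a batch of
# deletions must run from the bottom of the chain upwards.
delete_commands() {
    rule_numbers "$1" | sort -rn | while read -r n; do
        printf 'iptables -D INPUT %s\n' "$n"
    done
}

# Usage on a live server:
#   sudo iptables -L INPUT --line-numbers | rule_numbers dpt:http
#   sudo iptables -L INPUT --line-numbers | delete_commands ACCEPT | sudo sh
```

When you know the exact rule specification, iptables also accepts it in place of the number, for example sudo iptables -D INPUT -p tcp --dport 80 -j ACCEPT; that form removes the first rule matching the specification and is not affected by renumbering at all.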

Alternatively, if you need to filter only the incoming traffic, you can
use Hostinger VPS Firewall. Select your VPS and navigate to
the Firewall section:
