
How To Set Up a Firewall Using Iptables on Ubuntu 24.04

In an era where data breaches and cyber threats are prevalent, securing your server is more important than ever. One of the primary tools for achieving this is a firewall. In this blog post, we will guide you through setting up a firewall on Ubuntu 24.04 using iptables.

What is Iptables?

iptables is a user-space utility that allows a system administrator to configure the IP packet filter rules of the Linux kernel firewall. With iptables, you can set up rules that control the ingress (incoming) and egress (outgoing) traffic on your server. This ensures that only legitimate traffic is allowed, providing a layer of protection against malicious activities.

Prerequisites

Before we begin, ensure you have the following prerequisites:

  1. A server running Ubuntu 24.04.
  2. Root or sudo access to the terminal.
  3. Basic knowledge of command line usage.

Step 1: Update Your System

First, make sure your system is up-to-date. Open your terminal and run:

sudo apt update && sudo apt upgrade -y

Step 2: Check if Iptables is Installed

iptables is usually pre-installed on most Linux distributions, including Ubuntu. To check if it’s installed, run:

sudo iptables --version

If it’s not installed, you can install it using:

sudo apt install iptables

Step 3: Understanding Iptables Chains

The filter table, which iptables uses by default, has three built-in chains:

  • INPUT: Controls the behavior of incoming traffic.
  • OUTPUT: Controls the behavior of outgoing traffic.
  • FORWARD: Controls the behavior of packets being routed through the server.

Step 4: Basic Iptables Commands

Here are some basic commands you will use frequently:

  • List rules: To view the current set of rules:
  sudo iptables -L -v
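  • Flushing rules: To remove all existing rules:
  sudo iptables -F
  Flushing removes the rules but leaves the default policies as they are. If INPUT is already set to DROP, flushing over SSH removes the rule that keeps your session alive.
  • Setting default policies: If you want to block all incoming traffic by default and allow outgoing traffic, set the default policies as follows. A DROP policy takes effect immediately, so if you are connected over SSH, add the accept rules from Step 5 before you run these:
  sudo iptables -P INPUT DROP
  sudo iptables -P FORWARD DROP
  sudo iptables -P OUTPUT ACCEPT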

Step 5: Setting Up Accept Rules

Next, you need to allow specific types of traffic. For example, to allow SSH, HTTP, and HTTPS traffic, you can use the following commands:

# Allow SSH
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Allow HTTP
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

# Allow HTTPS
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
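
With INPUT set to DROP, the rules above still leave out loopback traffic and the replies to connections the server opens itself (apt, DNS), and setting the policy before the SSH rule exists cuts off a remote session. The following added example (not part of the original post) writes the whole ruleset in the iptables-restore format that iptables-save produces; the function names and the fixed port list 22/80/443 are assumptions.

```shell
#!/bin/sh
# Added example (constructed): print a complete IPv4 filter table in
# iptables-restore format. Function names and the port list are assumptions.

# valid_port PORT: succeed only for an integer in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-digit, or 6+ digits
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# build_ruleset PORT...: print the ruleset, or print nothing and fail if any
# port is invalid, so a half-built file is never handed to iptables-restore.
build_ruleset() {
    for port in "$@"; do
        valid_port "$port" || { echo "invalid port: $port" >&2; return 1; }
    done
    printf '%s\n' \
        '*filter' \
        ':INPUT DROP [0:0]' \
        ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate INVALID -j DROP'
    for port in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# Default: print the ruleset for review. With --apply: let iptables-restore
# parse it first (--test), then load it. The table is swapped in at COMMIT,
# so the DROP policy and the accept rules take effect together.
if [ "${1:-}" = "--apply" ]; then
    build_ruleset 22 80 443 | sudo iptables-restore --test &&
        build_ruleset 22 80 443 | sudo iptables-restore
else
    build_ruleset 22 80 443
fi
```

Loading a file this way replaces the current contents of the filter table, so review the printed output before running the script with --apply.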

Step 6: Saving Iptables Rules

To ensure your rules persist after a reboot, you need to save them. You can do this by using iptables-save and redirecting the output to a file or by installing iptables-persistent.

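Option 1: Using iptables-save

sudo sh -c 'iptables-save > /etc/iptables/rules.v4'

The redirect has to run as root, which is why the whole command is wrapped in sudo sh -c. With a plain sudo iptables-save > file, the file is opened by your own shell and the write fails with a permission error unless you are already root. The /etc/iptables directory is created by the iptables-persistent package from Option 2, which is also what loads rules.v4 at boot.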

Option 2: Installing iptables-persistent

sudo apt install iptables-persistent

During installation, you will be prompted to save the current rules. Select “Yes,” and the saved rules will be restored automatically on future reboots.

Step 7: Testing Your Firewall

To test your firewall, you can use tools like nmap from another machine to scan for open ports. Make sure that your allowed ports (SSH, HTTP, HTTPS) are accessible, while others should be blocked. With the DROP policy in place, nmap reports the blocked ports as filtered.

nmap -v -A <your-server-ip>

Conclusion

Setting up a firewall using iptables on Ubuntu 24.04 is a crucial step in securing your server. By controlling incoming and outgoing traffic, you create a strong defense against various cyber threats. Remember that regular maintenance and updates are vital in keeping your firewall effective.

If you’re looking for more in-depth tutorials, tips, or assistance with your cloud hosting needs, don’t hesitate to reach out to our team at Greenhost.Cloud. Stay secure out there!