SIGN IN / UP
      SIGN IN / UP

      We use cookies and similar technologies necessary for the site to function. Optional cookies from third parties are used to improve our service and to provide you with personalized content and advertising if you agree. You can freely opt out here or customize your choice of optional cookies by clicking "Additional settings". Please see our privacy policy and cookies policy for more information on what data is collected and how it is shared with our partners.

      Cookies Policy
      Marketing
      These cookies may be placed on the site by our advertising partners. These companies may use them to build a profile of your interests and show relevant ads on other sites. They do not store personal information directly, but are based on the unique identification of your browser and device online. If you do not allow these cookies, you will see fewer targeted ads.
      Functional
      These cookies allow the site to provide advanced features and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not authorize the use of these cookies, some of our services may not work properly.
      Necessary
      These cookies allow us to count the number of visits and traffic sources to measure and improve the performance of our site. They help us to know which pages are the most or least popular and to see how many people are visiting the site. All information collected by these cookies is aggregated and therefore anonymous. If you do not authorize the use of these cookies, we will not know when you have visited our site and will not be able to track its performance.
      Cookies Policy
      opened image

      Configuring Firewall with Centos 7 IPTables

      Similar articles:
      WireGuard GUI Web Portal Installing the Pterodactyl Control Panel (Ubuntu) Access to website folder via FTP on the server with Hestia panel How to add a new user in Windows Server 2012, 2016, 2019 How to add a domain to DNS hosting

      Virtual hosting

      FROM €2.62/MONTH

      First month free!

      In today's world, where the Internet is an integral part of our lives, setting up computer system protection is an extremely important task. One of the ways to protect a computer system is to configure the Firewall. In this article, we will look at how to set up Firewall using IPTables on CentOS 7.

      IPTables is a Linux utility that is used to configure the Firewall. IPTables is a networking stack that filters packets passing through the system. IPTables works at the kernel level and filters packets before they reach user space.

      IPTables has three main chains: INPUT, OUTPUT and FORWARD. The INPUT chain is used to filter packets directed to the system. The OUTPUT chain is used to filter packets sent from the system. The FORWARD chain is used to filter packets passing through the system.

      Following are the basic commands for working with IPTables. Note that each command must start with sudo, as changing IPTables settings requires superuser privileges.

      Creating a new chain:

      sudo iptables -N <chain_name>

      Removing a chain:

      sudo iptables -X <chain_name>

      Adding a packet filtering rule:

      sudo iptables -A <chainname> -p <protocol> --dport <port> -j <target>

      Removing a rule:

      sudo iptables -D <chain_name> <rule_number>

      Viewing the list of rules:

      sudo iptables -L

       

      Saving rules:

      sudo service iptables save

       

      An example of configuring Firewall using IPTables on CentOS 7:

      Let's say we have a server running CentOS 7 and we want to configure the Firewall to block all incoming packets except SSH, HTTP and HTTPS.

      Create a new chain to block all incoming packets:

      sudo iptables -N INPUT_BLOCK

       

      Adding rules to block all incoming packets except SSH, HTTP and HTTPS:

      sudo iptables -A INPUT_BLOCK -m state --state RELATED,ESTABLISHED -j ACCEPT 

sudo iptables -A INPUT_BLOCK -p tcp --dport 22 -j ACCEPT 

sudo iptables -A INPUT_BLOCK -p tcp --dport 80 -j ACCEPT 

sudo iptables - A INPUT_BLOCK -p tcp --dport 443 -j ACCEPT 

sudo iptables -A INPUT_BLOCK -j DROP

       

      Adding rules to allow outgoing packets:

      sudo iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 

sudo iptables -A OUTPUT -j ACCEPT

       

      Adding rules for packet forwarding (if required):

      sudo iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT 

sudo iptables -A FORWARD -j DROP

       

      Apply settings:

      sudo service iptables save 

sudo systemctl restart iptables

      This is an IPTables setting that blocks all incoming packets except SSH, HTTP, and HTTPS, allows outgoing packets, and does not allow packet forwarding.

      In conclusion, configuring the Firewall with IPTables is an important task to ensure the security of a computer system. IPTables provides a wide range of options for configuring the Firewall, and knowledge of its commands and configuration files allows you to effectively protect your computer system. But remember that any changes you make will be instantly applied to your Firewall, which may affect your current network connections. Be careful and always have an up-to-date copy of your settings before making any changes.

      Similar articles:
      WireGuard GUI Web Portal Installing the Pterodactyl Control Panel (Ubuntu) Access to website folder via FTP on the server with Hestia panel How to add a new user in Windows Server 2012, 2016, 2019 How to add a domain to DNS hosting

      Virtual hosting

      FROM €2.62/MONTH

      First month free!