Network security management is an important part of server security. In this article, we will walk through the process of setting up a firewall in Ubuntu 20.04 using the package management tool known as iptables.
Introduction to IPTables
IPTables is a powerful package management tool available on most Linux distributions including Ubuntu 20.04. This tool allows administrators to define the behavior of packets passing through a network system.
IPTables uses the concept of "chains" and "rules". Chains are sets of rules that are applied to packets passing through the system and they are classified as INPUT (for incoming packets), OUTPUT (for outgoing packets), and FORWARD (for packets passing through the system).
Installing IPTables on Ubuntu 20.04
Before you get started with iptables, make sure it is installed on your Ubuntu 20.04 server using the comman:
sudo apt-get install iptables
Configuring IPTables Rules
All IPTables commands must begin with the sudo prefix, as they require superuser privileges.
Creating a new chain:
sudo iptables -N <chain_name>
Adding a chain rule:
sudo iptables -A <chainname> -p <protocol> --dport <port> -j <target>
Removing a rule from a chain:
sudo iptables -D <chain_name> <rule_number>
Viewing the list of current rules:
sudo iptables -L
Firewall setup example in Ubuntu 20.04
Suppose we want to configure the firewall to only allow incoming SSH, HTTP and HTTPS connections, all other connections will be blocked.
First we create a new chain:
sudo iptables -N INPUT_RULES
Now let's add rules to our chain:
sudo iptables -A INPUT_RULES -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT_RULES -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT_RULES -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT_RULES -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT_RULES -j DROP
After applying these rules, all outgoing connections are allowed, incoming SSH, HTTP, and HTTPS connections are allowed, and all other incoming connections are blocked.
Saving and Restoring IPTables Rules
After you set up the rules, it is important to save them so that they continue to work after a system reboot.
To keep the current iptables rules in Ubuntu, you can use the iptables-persistent utility.
If iptables-persistent is not already installed on your system, you can install it like this:
sudo apt-get install iptables-persistent
During installation, you will be asked to save the current IPv4 and IPv6 rules. If you want your current iptables rules to be automatically loaded on system boot, select <Yes> for both prompts.
If you later make changes to the iptables rules, you can save them manually:
For IPv4:
sudo iptables-save > /etc/iptables/rules.v4
For IPv6:
sudo ip6tables-save > /etc/iptables/rules.v6
Now your iptables rules will be saved and automatically applied on every system boot.
In conclusion, IPTables is a powerful package management and firewall tool for Ubuntu 20.04. This allows administrators to control incoming and outgoing connections, which is an important part of server security.