How to set up a firewall in Linux?
Firewalls are an integral component of every contemporary computer system, safeguarding the network and protecting the system from unauthorised access. In this post we take a deep dive into Linux firewalls and learn how to configure one.
Before we get into the technical details of setting up a firewall in Linux, let us clarify what a firewall is and why it is so important.
A firewall is a network security device, or a software component of the operating system, that monitors and restricts network traffic based on predefined security rules. A firewall's principal function is to block unauthorised access to a computer system or network while still allowing authorised access. It functions as a gatekeeper, controlling who and what may enter and leave a network.
There are two major choices for configuring a firewall in Linux: iptables and firewalld. Both are user-space front ends to the packet-filtering framework inside the Linux kernel (netfilter); the kernel performs the actual filtering.
‘iptables’ is a command-line program for managing the kernel's packet filter. For many years it was the default firewall tool on Linux servers and it is still extensively used today, although on current distributions the iptables command is frequently a compatibility layer (iptables-nft) that translates rules into the newer nftables subsystem.
‘firewalld’ is a more modern approach to managing firewalls in Linux. It is a dynamic daemon that provides a D-Bus interface, together with the firewall-cmd command-line client, for managing firewall rules, and it is the default firewall on many Linux distributions such as Red Hat Enterprise Linux, CentOS and Fedora.
Now let's dive into the steps required to set up a firewall in Linux using both iptables and firewalld.
Using ‘iptables’ to Create a Firewall
To begin setting up an iptables firewall, first ensure that it is installed on your system. Although iptables is present in most Linux distributions, it is always a good idea to double-check.
Open a terminal and list the current rules; if the command is found and prints the three built-in chains, iptables is installed:
sudo iptables -L -n -v
If iptables is not already installed on your machine, install it with your distribution's package manager; on Debian-based systems:
sudo apt-get install iptables
Once you have confirmed that iptables is installed, you may begin configuring the firewall. Keep in mind that iptables rules live only in kernel memory and are lost on reboot: once you are satisfied with a rule set, save it with iptables-save (the iptables-persistent package on Debian and Ubuntu restores a saved rule set at boot).
The initial step in iptables configuration is to decide the default policies for the built-in chains. The default policy determines what happens to packets that do not match any of the rules in that chain.
To set the default policies to drop all incoming and outgoing traffic that no rule explicitly accepts, run the following commands −
sudo iptables -P INPUT DROP
sudo iptables -P OUTPUT DROP
Be careful with the order of operations on a remote machine: the moment the INPUT policy becomes DROP, every packet that no rule accepts is discarded, including the packets of the SSH session you are typing in. Add the accept rules for loopback traffic, for already established connections (-m conntrack --ctstate ESTABLISHED,RELATED) and for your administrative port first, and switch the policies to DROP last. A DROP policy on OUTPUT is stricter than most hosts need; if you use it, the host also needs outbound rules for DNS, package updates and the replies of established connections, or it will be unable to talk to anything.
Once you have set the default policies, you can start adding rules to allow or block specific types of traffic. The basic syntax for adding a rule to iptables is as follows −
sudo iptables -A [CHAIN] -p [PROTOCOL] --dport [PORT] -j [ACTION]
Let's break down the components of the rule −
CHAIN − This specifies the chain in the firewall where the rule will be added. The three built-in chains of the filter table are INPUT (traffic addressed to this host), OUTPUT (traffic originating from this host) and FORWARD (traffic routed through this host).
PROTOCOL − This specifies the protocol for the traffic. Common protocols include TCP, UDP, and ICMP.
PORT − This specifies the destination port number for the traffic. The --dport match only applies together with -p tcp or -p udp; the corresponding source-port match is --sport.
ACTION − This specifies what should happen to traffic that matches the rule. Common actions include ACCEPT, DROP (discard silently) and REJECT (discard and send an error back to the sender).
The following command, for example, would accept incoming SSH traffic (TCP destination port 22) on the INPUT chain −
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Similarly, the following command would allow outbound HTTP requests (TCP destination port 80) on the OUTPUT chain −
sudo iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
Rules in a chain are evaluated top to bottom and the first match wins: -A appends a rule after the existing ones, while -I inserts it at the top. These commands affect IPv4 only; the same rules must be repeated with ip6tables, or the host remains unfiltered over IPv6 even though IPv4 is locked down.
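The individual commands above become dangerous when typed in the wrong order on a remote host, so here is the whole procedure as one script, added as an example and not code from the original article. It builds a minimal stateful IPv4 host firewall: loopback, established flows and the management port are accepted before the INPUT policy is tightened, and OUTPUT is left at ACCEPT. The port numbers and the IPT variable are assumptions; setting IPT to echo prints the iptables commands instead of applying them, which is also how the script should be reviewed before it is run for real.

```bash
#!/usr/bin/env bash
# Added example: a minimal stateful IPv4 host firewall built with iptables in a
# lock-out-safe order. IPT, SSH_PORT and WEB_PORTS are assumptions; set IPT=echo
# (see preview_rules) to print the commands instead of applying them.

IPT="${IPT:-iptables}"
SSH_PORT="${SSH_PORT:-22}"
WEB_PORTS="${WEB_PORTS:-80 443}"

apply_firewall() {
    # 1. Reset with ACCEPT policies first, so an interrupted run never strands the session.
    $IPT -P INPUT ACCEPT
    $IPT -P FORWARD ACCEPT
    $IPT -P OUTPUT ACCEPT
    $IPT -F
    $IPT -X

    # 2. Loopback and established/related flows must be accepted before anything else;
    #    without the conntrack rule the replies to our own connections would be dropped too.
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A INPUT -m conntrack --ctstate INVALID -j DROP

    # 3. Allow the management port, then the public services.
    $IPT -A INPUT -p tcp --dport "$SSH_PORT" -m conntrack --ctstate NEW -j ACCEPT
    for port in $WEB_PORTS; do
        $IPT -A INPUT -p tcp --dport "$port" -m conntrack --ctstate NEW -j ACCEPT
    done
    # Allow ping; ICMP errors belonging to existing flows already match RELATED above.
    $IPT -A INPUT -p icmp --icmp-type echo-request -j ACCEPT

    # 4. Only now tighten the policies. OUTPUT stays ACCEPT: a DROP policy there needs
    #    its own allow list (DNS, updates, ...) and is rarely worth it on a server.
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
}

# Print the exact commands apply_firewall would run, without touching the kernel.
preview_rules() {
    local IPT=echo
    apply_firewall
}

# Line number of the first preview line matching $1, used to check rule ordering.
rule_position() {
    preview_rules | grep -n -- "$1" | head -n 1 | cut -d: -f1
}

case "${1:-}" in
    apply)   apply_firewall ;;
    preview) preview_rules ;;
esac
```

Run it as `bash fw.sh preview` to read the generated rules, then `sudo bash fw.sh apply` from a console or a session you can afford to lose. The rules are still volatile: follow up with `sudo iptables-save > /etc/iptables/rules.v4` (iptables-persistent's location on Debian and Ubuntu) and apply an equivalent ip6tables rule set, otherwise the IPv6 side of the host stays wide open.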
Using ‘firewalld’ to Create a Firewall
Another option for setting up a firewall in Linux is by using firewalld. Firewalld is a modern dynamic daemon that is used by several Linux distributions, such as CentOS, Fedora, and Red Hat Enterprise Linux, as the default firewall management tool.
The first step in configuring a firewall with firewalld is to see if it is installed and running on your system.
Most recent Red Hat-family distributions ship firewalld pre-installed; you can check in the terminal with the following command, which prints "running" or "not running" −
sudo firewall-cmd --state
If firewalld is not already installed on your machine, install it with the distribution's package manager (yum, or dnf on newer releases) and start it:
sudo yum install firewalld
sudo systemctl enable --now firewalld
Once you have confirmed that firewalld is installed and running, you can start configuring the firewall.
The first step in configuring firewalld is to check the default zone. A zone is a predefined set of rules that governs the traffic allowed from the interfaces and source addresses assigned to it; the default zone is the one applied to every interface that has not been assigned to a zone explicitly. To check the default zone, run the following command −
sudo firewall-cmd --get-default-zone
On Red Hat-family distributions the default zone is "public". To see which zones are currently in use and which interfaces belong to them, run "sudo firewall-cmd --get-active-zones". You can change the default zone by running the following command −
sudo firewall-cmd --set-default-zone=zone
where "zone" is the name of the zone you want to set as default.
The next step is to add rules to the firewall to allow or block specific types of traffic. Firewalld uses a concept called "services" to group related ports and protocols together. Some of the commonly used services include "http", "https", "ssh", and "smtp"; "sudo firewall-cmd --get-services" lists every service definition available, and "sudo firewall-cmd --info-service=http" shows which ports a service opens.
To allow incoming HTTP traffic in the default zone, for example, you can use the following command −
sudo firewall-cmd --add-service=http --permanent
firewalld keeps two configurations. Without the "--permanent" option the change is applied to the running firewall immediately, but it is discarded on the next reload, restart or reboot. With "--permanent" the change is written to the saved configuration, which survives a reboot, but it does not take effect in the running firewall until you reload. To have a rule active both now and after a reboot, either run the command twice, once with and once without "--permanent", or make the runtime change and then copy it into the saved configuration with "sudo firewall-cmd --runtime-to-permanent".
You can also open specific ports with the "--add-port" option. For example, the following command allows incoming TCP traffic on port 22 for SSH −
sudo firewall-cmd --add-port=22/tcp --permanent
This has the same effect as "--add-service=ssh" (the ssh service is already enabled in the public zone on a fresh install); a rule added as a port is listed under "ports" rather than "services" when you inspect the zone.
After adding permanent rules, reload the firewall for them to take effect (note that a reload also discards any runtime-only changes), then verify what the zone actually enforces −
sudo firewall-cmd --reload
sudo firewall-cmd --list-all
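The zone, service and permanent-versus-runtime concepts above come together in the following script, added here as an example and not code from the original article. It prepares a public zone for a web server: http and https are added, the zone-wide ssh service is replaced by a rich rule that accepts SSH only from a management network, and nothing touches the running firewall until the final reload. The zone name, the management network and the FWCMD variable are assumptions; with FWCMD set to echo the script prints the firewall-cmd calls so they can be reviewed before anything is applied.

```bash
#!/usr/bin/env bash
# Added example: prepare a firewalld zone for a web server whose SSH access is
# restricted to a management network. ZONE, MGMT_NET and FWCMD are assumptions;
# set FWCMD=echo (see preview_commands) to print the calls instead of running them.

FWCMD="${FWCMD:-firewall-cmd}"
ZONE="${ZONE:-public}"
MGMT_NET="${MGMT_NET:-10.0.0.0/24}"

configure_zone() {
    # Everything below edits the permanent configuration only. The running firewall is
    # untouched until the --reload at the end, so a mistake cannot cut us off halfway.
    $FWCMD --permanent --zone="$ZONE" --add-service=http
    $FWCMD --permanent --zone="$ZONE" --add-service=https

    # Replace the zone-wide ssh service with a rich rule that accepts SSH only from
    # MGMT_NET. family="ipv4" means SSH over IPv6 is no longer reachable at all.
    $FWCMD --permanent --zone="$ZONE" --remove-service=ssh
    $FWCMD --permanent --zone="$ZONE" --add-rich-rule="rule family=\"ipv4\" source address=\"$MGMT_NET\" service name=\"ssh\" accept"

    # dhcpv6-client is enabled in the public zone by default; a statically addressed
    # server has no use for it.
    $FWCMD --permanent --zone="$ZONE" --remove-service=dhcpv6-client

    # Activate the permanent configuration. This also discards any runtime-only
    # changes that were made earlier without --permanent.
    $FWCMD --reload
}

# Show what the zone actually enforces after the reload.
show_zone() {
    $FWCMD --zone="$ZONE" --list-all
}

# Print the exact firewall-cmd calls configure_zone would make, without running them.
preview_commands() {
    local FWCMD=echo
    configure_zone
}

# Line number of the first preview line matching $1, used to check the ordering.
command_position() {
    preview_commands | grep -n -- "$1" | head -n 1 | cut -d: -f1
}

case "${1:-}" in
    apply)   configure_zone && show_zone ;;
    preview) preview_commands ;;
esac
```

Run `bash zone.sh preview` first and check that MGMT_NET really is the network you are connecting from; after `sudo bash zone.sh apply` the --list-all output should show http and https under "services", no ssh there, and the SSH rule under "rich rules". If you are locked out anyway, the fix is to restore the zone from a console: `firewall-cmd --permanent --zone=public --add-service=ssh` followed by `firewall-cmd --reload`.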