Set Up Firewall Using Iptables On Ubuntu Part 1

z

Tuesday, December 20, 2016

Otodidak Learner - Set Up Firewall Using Iptables On Ubuntu: build a good firewall is an important step to secure network systems and operating systems. Most Linux distributions have some firewall that we can use. one of which is IP tables that we will discuss now.

[NOTE]: in this manner include IPv4 security. in Linux, separated from IPv4 IPv6 security, as an example of "IP tables" is only set for IPv4 addresses but still has a relationship with IPv6 called "ip6tables" configured for IPv6 network address

Prerequisites
Before starting IPTables configuration you need to install ubuntu server. in this post-Ubuntu 14:04 and accounts with access rights setup on your ubuntu.

Basic IP tables Commands

I assume that you have a good understanding of the basic concepts of IP tables. to set the IP tables interface in general

First, you should know that the IP tables command must be run with root access. This means you must be logged in as root, using su or sudo -i to access a root shell, or add all the commands with sudo. I will use sudo in this post. for the early stages of the configuration of IP tables you do it with the -l flag

$ sudo iptables -L

Output:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

as seen we already have 3 default chain (INPUT, OUTPUT, AND FORWARD). we also can see each chain's default policy (each chain has a default policy ACCEPT). we can also see some of the column headers. but we did not see the actual rules since in this case, Ubuntu does not ship with a set of the default rule. we can see that the output command Reflects Necessary to enable each rule and policy by instead using the -S Flag

sudo iptables -S

Once again, the default policy is very important here, because, when all of the policy is removed from your chain, the default policy will not change with this command. it means that you are connected remotely. you also have to make sure the default policy on the INPUT and OUTPUT, chain set to ACCEPT as flushing the rules, you can do so by typing..

• sudo iptables -P INPUT ACCEPT
• sudo iptables -P OUTPUT ACCEPT
• sudo iptables -F

We can change the default policy to DROP drop. after you set it explicitly rules that allow your connection.

We will make the First Rule

The full rule we need is this:

sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

glance looks very complicated, but it will make sense when we all these components


to be continued......

Labels: JARINGAN KOMPUTER, PROXY SERVER, UBUNTU

Thanks for reading Set Up Firewall Using Iptables On Ubuntu Part 1. Please share...!