IPTables: The Evolution of Linux Firewalls
There are various types of Linux firewalls available in Linux distributions. Here, we are speaking about iptables. An early, widely used Linux firewall was called ipchains; it was introduced in the Linux 2.2 kernel. ipchains was replaced by iptables in the Linux 2.4 kernel, and iptables is now the primary firewall in modern Linux. In almost all Linux distributions the iptables binary is installed at /usr/sbin/iptables.
If it is not there, you can install it manually.
iptables is made up of three kinds of objects: tables, chains, and rules. A table contains chains, and each chain holds an ordered set of rules that define how packets are filtered; in other words, iptables can be seen as an expansion of the old chains-and-rules model. There are three primary tables, and you can customize them according to your packet-filtering requirements. Those tables are described below.
Tables and Their Functions in Linux IPTables
Packet filtering
This is the most essential table in the iptables system. It consists of three standard chains: INPUT, OUTPUT, and FORWARD. The INPUT chain filters incoming packets, the OUTPUT chain filters outgoing packets, and the FORWARD chain filters routed packets. The FORWARD chain only applies when the Linux machine is working as a router.
Network address translation
This table applies when packets from inside the LAN are going outbound to another network. It is used when a Linux machine acts as a gateway or a proxy server.
Packet alteration
This table is used only for special-purpose packet alteration. Many standard firewalls do not need it at all.
Let's see how to configure iptables:
- First, log into your Linux machine or server and type
$ sudo iptables -L
This lists the current iptables rules.
- Now run the command
$ sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
This appends an INPUT rule that accepts SSH from anywhere to the Linux machine. Check the iptables rules again using the listing command above; the new rule will be shown there.
- Now let's accept HTTP INPUT from anywhere
$ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
It will be listed as follows.
- Save your iptables rules
$ sudo iptables-save
(There is no space between iptables and save.) iptables-save prints the current rule set to standard output; redirect that output to a file if you want to reload the rules later with iptables-restore, because rules added with iptables -A alone do not survive a reboot.
General options used with iptables commands
- -A: Append this rule to a chain of rules
- -p: Connection protocol to match
- --dport: Destination port of the packet
- -i: Only match the packet if it arrives on the specified interface
- -v: Verbose output
- -s, --source: Source address specification
- -d, --destination: Destination address specification
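The walkthrough above appends two ACCEPT rules to a chain whose default policy is still ACCEPT, so nothing is actually blocked yet. The script below is an added example (not from the original article) that carries the same steps through to a reviewable default-deny rule set for the filter table, using the options listed above (-A, -p, --dport, -i, -s). It generates the rules in iptables-save/iptables-restore format as text, so it can be inspected and tested without root; nothing is applied unless you run it with the `apply` argument. The interface name eth0, the admin network 192.0.2.0/24 (a documentation range), the conntrack and rate-limited LOG rules, and the /etc/iptables/rules.v4 save path are assumptions of this example, not details from the article.

```shell
#!/bin/sh
# Added example: build a minimal default-deny INPUT rule set for the
# filter table in the format understood by iptables-restore.
# Assumed values (not from the article); override via the environment.
LAN_IF="${LAN_IF:-eth0}"                 # assumed LAN interface name
ADMIN_NET="${ADMIN_NET:-192.0.2.0/24}"   # constructed admin range (RFC 5737 docs block)

# Print the rule set. Comment lines are accepted by iptables-restore.
build_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback traffic is always allowed
-A INPUT -i lo -j ACCEPT
# Replies to connections this host started
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# SSH only from the admin network, only on the LAN interface
-A INPUT -i ${LAN_IF} -s ${ADMIN_NET} -p tcp --dport 22 -j ACCEPT
# HTTP from anywhere (same rule as the article, with a DROP default behind it)
-A INPUT -p tcp --dport 80 -j ACCEPT
# Log what is about to be dropped, rate-limited so logs cannot be flooded
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: "
COMMIT
EOF
}

# Sanity check used before applying: how many ACCEPT rules did we generate?
count_accept_rules() {
    build_ruleset | grep -c -- '-j ACCEPT'
}

# Does the generated set keep a DROP default on INPUT? Prints "yes" or "no".
input_default_is_drop() {
    if build_ruleset | grep -q '^:INPUT DROP'; then echo yes; else echo no; fi
}

# Apply only when explicitly requested:  sudo sh firewall.sh apply
if [ "${1:-}" = "apply" ]; then
    build_ruleset | iptables-restore
    # Persist for reboot; this path is what the iptables-persistent package
    # on Debian/Ubuntu reads (assumption of this example).
    mkdir -p /etc/iptables
    iptables-save > /etc/iptables/rules.v4
else
    build_ruleset
fi
```

Run it without arguments to review the generated rules, then `sudo sh firewall.sh apply` to load them. Because the established/related rule comes before the port rules, outbound connections from the host keep working even though INPUT defaults to DROP; the LOG rule sits last so only traffic that would otherwise be silently dropped is recorded.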
iptables and UFW are both Linux host firewalls. The difference is that UFW is built on top of iptables: iptables is a very flexible tool but more complex than UFW, and using it directly requires a deeper understanding of TCP/IP, which not every Linux user has.