Version 8 (modified 2 years ago)
What is a Firewall?
A firewall is a network security system that filters and controls traffic according to a predetermined set of rules. It sits between the device (or network) it protects and the internet and decides, packet by packet, what is allowed through.
How the Linux firewall works
Packet filtering on Linux is done inside the kernel by the Netfilter framework; what the distributions ship is a userspace tool for configuring it. In this lab we use iptables, the traditional tool, to set up, maintain and inspect the tables of IPv4 packet filter rules held by the kernel. Two points to keep in mind: iptables only handles IPv4, and IPv6 is filtered separately with ip6tables (a host with an unfiltered IPv6 address is not firewalled, whatever its IPv4 rules say); and newer distributions have moved to nftables, where the iptables command is usually a compatibility front end (iptables-nft) that translates into nftables rules, so the commands below still work there.
iptables Lab
In this lab, you will set up basic firewall rules with iptables.
Chains
A chain is an ordered list of rules that a packet is checked against. The default (filter) table has three built-in chains, and which one a packet traverses depends on where it is going:
- INPUT chain
- OUTPUT chain
- FORWARD chain
1. INPUT chain
Any traffic arriving from the network (the internet) that is addressed to your local machine goes through the INPUT chain. That means it is checked against the rules set up in INPUT, top to bottom, until one matches.
2. OUTPUT chain
Any traffic generated by your local machine and leaving towards the network goes through the OUTPUT chain.
3. FORWARD chain
Any traffic that arrives from one network and is routed on to another network, so that your machine is neither its source nor its destination, goes through the FORWARD chain. It is used when the Linux box connects two or more networks and passes data between them, i.e. acts as a router or gateway; packets handled this way never pass through INPUT or OUTPUT. Forwarding also has to be switched on in the kernel (net.ipv4.ip_forward=1) before any packet reaches this chain.
Targets (actions)
A rule that matches a packet jumps to a target. The three basic targets, which are also the values a chain's default policy can be set to, are:
1. ACCEPT
2. DROP
3. REJECT
1. ACCEPT
When a packet matches a rule whose target is ACCEPT, the chain stops processing it and lets it through. The gate opens and the traveller is allowed into the kingdom of Thanos.
2. DROP
When a packet matches a rule whose target is DROP, it is silently discarded. Nothing is sent back, so the sender only sees a timeout; to the sender the firewall looks closed, or the machine looks as if it were not there at all.
3. REJECT
REJECT also discards the packet, but it sends an error back to the sender stating that the delivery failed: by default an ICMP port-unreachable message, or a TCP RST if you add --reject-with tcp-reset. As a general rule, use REJECT when you want the other end to know the port is closed (for example for clients on your own LAN, so they fail fast instead of hanging), and DROP for hosts you don't want to reveal the machine to.
NOTE:-
You need to keep one simple rule in mind:
The rules in a chain are checked from the topmost rule to the bottom, and the first rule that matches the packet decides what happens to it (ACCEPT, DROP or REJECT); the rules below it are not checked. If no rule matches, the chain's default policy applies. So order matters: a broad ACCEPT near the top shadows a more specific DROP placed below it. Be careful while setting up rules, especially on a remote machine, where one wrong rule can lock you out of SSH.
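The following script is an added example for this lab, not part of the original page: a small but complete INPUT rule set that exercises the three chains' policies, the three targets, and the first-match ordering rule above. It is written so that it can be run unprivileged: IPT defaults to a dry-run printer that echoes the iptables commands instead of executing them; run it as root with IPT=iptables to apply it for real. The blocked address 203.0.113.7 (a documentation range) and the LAN range 192.168.1.0/24 are constructed values for the example and should be replaced with your own.

```shell
#!/bin/sh
# Basic iptables firewall (added example). IPT defaults to a dry-run printer so
# this is safe to run unprivileged; set IPT=iptables (as root) to apply for real.
IPT="${IPT:-echo iptables}"

# Flush all rules and delete user-defined chains, returning to the empty state
# that `iptables -L` shows on a fresh system.
reset_rules() {
    $IPT -F
    $IPT -X
}

# The ordered rule set. First match wins, so the order of these calls matters.
basic_firewall() {
    reset_rules
    # Default policies: anything the INPUT/FORWARD rules below do not explicitly
    # accept is dropped; locally generated traffic may leave freely.
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT
    # 1. Loopback first: local services (resolver, databases) talk over lo.
    $IPT -A INPUT -i lo -j ACCEPT
    # 2. Replies to connections this host started; without this, OUTPUT ACCEPT
    #    is useless because the answers would be dropped on the way back in.
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # 3. Discard malformed packets (bad TCP flags, out-of-window) before any
    #    per-service ACCEPT can match them.
    $IPT -A INPUT -m conntrack --ctstate INVALID -j DROP
    # 4. Block a hostile address (constructed example value). This must come
    #    BEFORE the SSH ACCEPT below: placed after it, the SSH rule would match
    #    first and this DROP would never be reached.
    $IPT -A INPUT -s 203.0.113.7 -j DROP
    # 5. Services we expose: SSH and HTTP/HTTPS, new connections only.
    $IPT -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
    $IPT -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
    # 6. Let pings through so monitoring keeps working.
    $IPT -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
    # 7. Hosts on our own LAN (constructed example range) get an explicit
    #    REJECT so their clients fail fast; everyone else falls through to the
    #    DROP policy and simply times out.
    $IPT -A INPUT -s 192.168.1.0/24 -j REJECT --reject-with icmp-port-unreachable
}

# Apply only when explicitly asked; loading the file just defines the functions.
if [ "${APPLY_FIREWALL:-0}" = "1" ]; then
    basic_firewall
fi
```

Usage: `sh firewall.sh` with `APPLY_FIREWALL=1` prints the 13 commands in order (dry run); `sudo env APPLY_FIREWALL=1 IPT=iptables sh firewall.sh` applies them. Setting the INPUT policy to DROP before the ESTABLISHED,RELATED and SSH rules are in place is safe here only because the whole set is added in one go; on a remote box, consider `iptables -P INPUT DROP` as the last step, or run the script under a timed `iptables-restore` fallback.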
Basic iptables commands :
To list the rules of the current iptables configuration:-
sudo iptables -L
(Add -n to print addresses and ports as numbers instead of doing reverse DNS lookups, which can make the listing painfully slow, and -v --line-numbers to see per-rule packet counters and each rule's position in the chain.)
The output would be:- (image)
As you can see, we have three chains (INPUT, FORWARD, OUTPUT), each shown with its default policy, ACCEPT. We can also see column headers, but no actual rules. This is because most Linux installations come with no predefined rules, so every packet is accepted until you add some.
Let's see what each column means.