A firewall with iptables
How to build a simple but efficient firewall with iptables on Linux.
The purpose is to set up a simple firewall with iptables on Linux:
- Block everything from outside
- Allow everything from inside
- Allow incoming traffic from a specific IP range (SSH)
- Allow incoming traffic from every source (HTTP)
Simple, nothing fancy, but efficient. Just what we need.
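An added example, not the author's rules file: a shell function that prints an iptables-restore ruleset implementing the four goals above. The function names, the stateful conntrack rules, TCP ports 22 and 80, and the 203.0.113.0/24 SSH range (a documentation range) are assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for the four goals above.
# Covers IPv4 only; ip6tables needs its own ruleset.

# Accept only a.b.c.d/len (octets 0-255, len 1-32). The value is pasted into
# a file that root loads, so anything else, including /0 and embedded
# newlines, is refused.
valid_cidr() {
    case "$1" in *[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq \
        '^((0|[1-9][0-9]{0,2})\.){3}(0|[1-9][0-9]{0,2})/([1-9]|[12][0-9]|3[0-2])$' \
        || return 1
    old_ifs=$IFS; IFS=.
    set -- ${1%/*}          # split the address part into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# gen_rules SSH_CIDR: write the ruleset to stdout.
gen_rules() {
    ssh_src=$1
    valid_cidr "$ssh_src" || { echo "refusing SSH source '$ssh_src'" >&2; return 1; }
    cat <<EOF
*filter
# Block everything from outside: default-drop on INPUT and FORWARD.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
# Allow everything from inside: locally generated traffic leaves freely.
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Replies to connections this host opened.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# SSH only from the given range.
-A INPUT -p tcp -s $ssh_src --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# HTTP from any source.
-A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Constructed sample range; replace with your own admin network.
gen_rules 203.0.113.0/24
```

The output can be syntax-checked with `iptables-restore --test` before it is loaded.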
There is one package to install in order to test and set your firewall permanently
/etc/iptables.custom.rules and add this (adapt to your needs, of course):
Test the rules
In order to test the rules written above, simply use this command (as root):
Check the result with:
If you modify the rules after this, you can save them into the original file:
Make it permanent
Once everything is tested and works as you want, create
/etc/network/if-pre-up.d/iptables and add:
And make it executable: