A firewall is a popular network security software that monitors the incoming and outgoing traffic in your network. It controls and filters the incoming traffic on a predetermined set of rules.
It acts as an intermediary between your system and the internet. It is a virtual barrier, like a fencer; which is placed between a private network and a wide public network; that prevents your system from damage and attacks.
There are two types of Firewalls that are available; Network-based firewall and Host-based firewall.
- A Network Firewall is generally built in the infrastructure.
- A Host Firewall is installed on individual servers, and these servers monitor the connections.
Cloud-based firewalls are also popular for the complete security of the system. They can grow with your system requirements and do well with perimeter security. Some firewalls are also based on functionalities and different structures.
The best part about Firewall software is; you can implement them based on the size of your network and the level of security you need. Firewall for Windows is widely-used. However, are you aware of the Linux System Firewall configuration?
How To Configure a Firewall in Linux?
While Linux is a widely-used operating system, Firewall is the robust and efficient network security software. Together, they provide you with a host of benefits, primary being added security. Thus, if you are curious as to how to configure a Firewall in Linux OS, then this step-by-step guide is just what you need. This guide also includes screenshots that will help facilitate faster configuration. Take a look!
A. Why Do You Need to Configure a Firewall For Linux?
With ever-evolving technology and the changing times, most systems – irrespective of their OS-are vulnerable to hack attacks and threats. However, Linux OS or machines offer guaranteed security features by default and are immune to threats and other viruses.
With the rise in volume and variety, the intensity of cyber threats has also increased. Therefore, if you don’t want to risk your data or system OS, then it is important to configure your system with a Linux firewall, as added security features always guarantee complete safety. Buy the best hosting in India that offers you a firewall, antivirus, and other security software right here!
B. Step-by-Step Guide For Configuring a Firewall in Linux
If you are planning to configure a firewall in Linux, then here is a step-by-step guide to follow.
Step 1: Start with beefing up your Linux Security
Before you start with the whole process of configuration, you need to make sure that your system is up-to-date and all the security functions are updated with the latest security installed.
Most people don’t update their operating systems, so when you manually update any software it does not work on the system. Updating regularly keeps your system in a good shape.
With the Ubuntu/Debian Linux distribution system, the iptables is pre-installed. However, CentOS 7 and the following versions replace the iptables with FirewallD.
This is often set as a default firewall management tool. Well, if you are comfortable with iptables, go ahead and use it. But, you need to make sure you disable the FirewallD in your CentOS, before installing the iptables.
Step 2: Configuring Iptables
Iptables allow you to filter traffic as it’s a command-line firewall program. It helps to decide which packets can come in and go out based on the rules it’s configured to follow.
It allows and blocks traffic using a unique policy chain. It has three main types of policy chain – input, forward, and output.
- Input is generally used to control the incoming connections.
- Forward is used for packets that are not delivered locally.
- And, the output is used for outgoing connections.
- Listing the rules of current iptables, the output is: “sudo iptables -L”
- If you want to flush or clear out the existing rules, the output is: “sudo iptables -F”
You don’t have to worry about the installation part as iptables comes pre-installed with the Linux version. In case it is missing, you can use commands given below:
The above firewall command in Linux will reset the iptables.
- To change the default policies of chains, the output is: “sudo iptables -P Chain_name Action_to_be_taken”
- To change the policy of forwarding to drop, use the output: “sudo iptables -P FORWARD DROP”
Step 3: Blocking the connections
- If you need to drop or block connection for an IP address, then the output is: “iptables -A INPUT -s 10.10.10.10 -j DROP”
- Besides, if you want to block from a range of IP addresses, use the output: “iptables -A INPUT -s 10.10.10.10/24 -j DROP”
- To block connections to a specific port, the output is: “iptables -A INPUT -p tcp –dport ssh -j DROP”
In the above command, 10.10.10.10 is the IP address that you want to drop.
Step 4: Decide which firewall ports to close
Start by different lines of attack.
- For XMAS packets, the output is: “iptables -A INPUT -p tcp –tcp-flags ALL ALL -j DROP”
- To block the null packets, the output is: “iptables -A INPUT -p tcp –tcp-flags ALL NONE -j DROP”
Step 5: Decide on the firewall ports that are to be left open
- For all the incoming connections:
- For all the outgoing connections:
“Port Number/ Protocol for reason
993/ tcp & udp for IMAP (to receive emails)
143/ tcp & udp for Insecure IMAP
110/ tcp for POP3 (another way to receive emails)
22/ tcp for SSH (secure connection from machine to machine)
9418/ tcp for GIT (version control system)”
“Port Number/ Protocol for reason
80/ tcp for HTTP
443/ tcp for HTTPS (secure HTTP)
993/ tcp & udp for IMAP (to receive emails)
143/ tcp & udp for Insecure IMAP
53/ udp for DNS
21/ tcp for FTP (File Transfer Protocol)
465/ tcp for SMTP (to send emails)
25/ tcp for Insecure SMTP
22/ tcp for SSH (secure connection from machine to machine)
9418/ tcp for GIT (version control system)”
Step 6: Save the configuration of the firewall for Linux
Once you have made the required changes in settings, it’s time to save all your configurations, the output for which is:
“iptables -L -n
iptables-save | sudo tee /etc/sysconfig/iptables
service iptables restart”
Do restart your firewall after the above command.
Iptables is the most effective and popular firewall solution for Linux OS. But, some other alternatives and tools can be used as a replacement to iptables.
You can opt for GUI (graphical user interface) option over the command line. Other tools you can check out for Ubuntu/Debian distributions are Firewall Builder (Fwbuilder) and Firestarter.
In Brief,
The firewall provides overall controlled access to the system making it less vulnerable to attacks. It provides a filtering system that enables operating systems and their commands.
It is a better choice for organizations that are willing to cut down on the costs of security mechanisms. It helps in blocking the services that leak important information and data of the company. It helps to log the access and offers valuable statistics about network usage. It updates the security and reduces risks by filtering out the insecure services.
A Linux firewall acts as a comprehensive shield for your system through different stages and mechanisms. You have complete control over the settings of the firewall.
Technically, you can add and block IP’s using the commands. Configuring a host-based firewall system for Linux is easier than configuring a perimeter firewall. The host does not require many protocols to function, so there are no technicalities involved.
A host-based firewall system in Linux can be tuned to support specific applications and block others based on your need. Linux systems also support kernel-based filters that are suitable for constructing host-based firewalls.
Leave a Reply