• Firewalls are critical for securing Linux systems by controlling incoming and outgoing network traffic based on predefined rules.
  • A firewall is a security system that monitors and controls network traffic.
  • Linux firewalls operate at the kernel level using Netfilter, a packet-filtering framework.
  • Firewalls perform filtering, i.e., they block or allow specific traffic.
  • Linux has NAT (Network Address Translation) features that translate IP addresses for routing.
  • Linux firewalls support port forwarding, i.e., redirecting traffic from one port/IP to another.

Types of Linux Firewalls

  • Stateful Firewall: This firewall tracks the state of network connections and allows/blocks packets based on connection states.
  • Stateless Firewall: This firewall inspects packets independently, without tracking connections.

    Configuring a Firewall with firewalld

    • firewalld is a dynamic firewall management tool that uses zones to simplify rule configurations.

    To Install firewalld

      • In Debian/Ubuntu Linux
        sudo apt install firewalld
        sudo systemctl start firewalld
        sudo systemctl enable firewalld
      • In RHEL/CentOS Linux
        sudo yum install firewalld
        sudo systemctl start firewalld
        sudo systemctl enable firewalld

      Common firewalld Commands

        • To List Current Status
          sudo firewall-cmd --state
          sudo firewall-cmd --get-active-zones
          sudo firewall-cmd --list-all
        • To Allow a Service
          sudo firewall-cmd --zone=public --add-service=http --permanent
          sudo firewall-cmd --reload
        • To Allow a Port
          sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent
          sudo firewall-cmd --reload
        • To Block Traffic
          sudo firewall-cmd --zone=public --remove-service=ssh --permanent
          sudo firewall-cmd --reload
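      As an added example that is not part of the original page, the following script combines the commands above into a repeatable firewalld policy for one zone: every change is made with --permanent, a single --reload activates the whole set, and --query-* calls confirm the live state. It prints the commands by default and only executes them when APPLY=1. The zone name "public", the admin network 10.0.0.0/24 and the application port 8080/tcp are assumed values. Note why the SSH removal and the SSH rich rule are in the same permanent set: the reload applies both at once, so remote administration from the admin network never drops; running --remove-service=ssh on its own from an SSH session locks you out.

```shell
#!/bin/sh
# Added example, not from the original page: a firewalld zone policy built from
# permanent rules, activated with one reload, then verified.
# Dry run by default (prints each command); APPLY=1 executes them via sudo.
# Assumed/constructed values: zone "public", admin network 10.0.0.0/24,
# application port 8080/tcp.

ZONE="${ZONE:-public}"
ADMIN_NET="${ADMIN_NET:-10.0.0.0/24}"
APP_PORT="${APP_PORT:-8080/tcp}"

# run: echo the command line in dry-run mode, otherwise execute it as root.
run() {
    if [ "${APPLY:-0}" = "1" ]; then
        sudo "$@"
    else
        printf '%s\n' "$*"
    fi
}

# permanent_rules: all changes go to the permanent configuration (on disk,
# survives reboot). None of them is live until firewalld is reloaded, which is
# what lets the SSH removal and the SSH rich rule take effect together.
permanent_rules() {
    run firewall-cmd --permanent --zone="$ZONE" --add-service=http
    run firewall-cmd --permanent --zone="$ZONE" --add-service=https
    run firewall-cmd --permanent --zone="$ZONE" --add-port="$APP_PORT"
    # Replace the zone-wide "ssh" service with a rich rule that accepts SSH
    # only from the admin network. Doing the removal alone would cut off
    # remote administration.
    run firewall-cmd --permanent --zone="$ZONE" --remove-service=ssh
    run firewall-cmd --permanent --zone="$ZONE" \
        --add-rich-rule="rule family=\"ipv4\" source address=\"$ADMIN_NET\" service name=\"ssh\" accept"
}

# activate_and_verify: load the permanent set into the runtime configuration
# and query the live state; each --query-* exits 0 for "yes" and 1 for "no".
activate_and_verify() {
    run firewall-cmd --reload
    run firewall-cmd --zone="$ZONE" --query-service=http
    run firewall-cmd --zone="$ZONE" --query-port="$APP_PORT"
    run firewall-cmd --zone="$ZONE" --list-all
}

permanent_rules
activate_and_verify
```

      Run it once without APPLY to review the plan, then with APPLY=1 from a console or from a session inside the admin network.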

      Configuring a Firewall with ufw

      • ufw (Uncomplicated Firewall) is a user-friendly command-line tool for managing iptables rules
        (iptables is a user-space utility that lets a system administrator configure the IP packet filter rules of the Linux kernel firewall).

      To Install ufw

        • In Debian/Ubuntu Linux
          sudo apt install ufw
          sudo ufw enable

      Common ufw Commands

        • To Check Status
          sudo ufw status
        • To Allow or Deny Traffic:
          • To Allow SSH:
            sudo ufw allow ssh
          • Deny HTTP:
            sudo ufw deny http
        • To Allow Specific Ports:
          sudo ufw allow 8080/tcp
          sudo ufw deny 3306
        • Delete Rules:
          sudo ufw delete allow ssh
        • Enable or Disable ufw:
          sudo ufw enable
          sudo ufw disable
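      An added example that is not part of the original page: a default-deny ufw baseline that goes somewhat beyond the commands listed above. It uses ufw limit for SSH (ufw denies a source that opens six or more connections within 30 seconds), allows MySQL 3306/tcp only from an application subnet instead of denying it outright, and inserts a blocklist rule at position 1 because ufw, like iptables underneath it, matches rules in order. The SSH rule is added before ufw enable so that enabling the firewall from an SSH session does not cut that session off. It prints the commands by default and executes them when APPLY=1; the subnet 10.0.0.0/24 and the address 203.0.113.5 are constructed values.

```shell
#!/bin/sh
# Added example, not from the original page: a default-deny ufw baseline.
# Dry run by default (prints the ufw commands); APPLY=1 executes them via sudo.
# Constructed values: application subnet 10.0.0.0/24, blocked host 203.0.113.5.

APP_NET="${APP_NET:-10.0.0.0/24}"
BLOCKED="${BLOCKED:-203.0.113.5}"

# run: echo the command line in dry-run mode, otherwise execute it as root.
run() {
    if [ "${APPLY:-0}" = "1" ]; then
        sudo "$@"
    else
        printf '%s\n' "$*"
    fi
}

# ufw_baseline: default policy first, then the allow rules, then enable.
# Everything not listed is denied inbound by the default policy, so a
# separate "ufw deny 3306" is unnecessary once the default is deny.
ufw_baseline() {
    run ufw default deny incoming
    run ufw default allow outgoing
    # SSH before enable, and rate limited rather than plainly allowed: ufw's
    # limit rule denies a source that opens 6+ connections within 30 seconds.
    run ufw limit 22/tcp comment 'ssh rate limited'
    run ufw allow 80/tcp comment 'http'
    run ufw allow 443/tcp comment 'https'
    # MySQL reachable only from the application subnet, not from everywhere.
    run ufw allow from "$APP_NET" to any port 3306 proto tcp comment 'mysql from app net'
    # --force answers the "may disrupt existing ssh connections" prompt.
    run ufw --force enable
}

# block_host: a deny rule only works if it is evaluated before the allow
# rules, so insert it at position 1 instead of appending it.
block_host() {
    run ufw insert 1 deny from "$BLOCKED" to any comment 'blocklisted host'
}

# show_rules: the numbered listing is what "ufw delete <number>" refers to.
show_rules() {
    run ufw status numbered
}

ufw_baseline
block_host
show_rules
```

      The ordering matters twice here: the SSH rule precedes enable (no lockout), and the deny rule is inserted at position 1 rather than appended (first match wins).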

      Configuring a Firewall with iptables

      iptables Basics

      • iptables is the traditional tool for managing firewall rules by interacting directly with the Netfilter framework.
      • iptables Chains
        • INPUT: Handles incoming packets.
        • OUTPUT: Handles outgoing packets.
        • FORWARD: Handles packets routed through the server.
      • iptables Tables
        • filter: Default table for packet filtering.
        • nat: For Network Address Translation.
        • mangle: For packet modification.
        • raw: For advanced packet processing.
      • Command Structure

      sudo iptables [options] -A [chain] [conditions] -j [action]

      Installing iptables

      • In Debian/Ubuntu Linux
      sudo apt install iptables
      • In RHEL/CentOS Linux
      sudo yum install iptables

      Common iptables Commands

      • To List iptables Rules
      sudo iptables -L -v -n
      • To Allow Specific Ports
        • Allow HTTP
      sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
        • Allow SSH
      sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
      • To Block Traffic
      sudo iptables -A INPUT -s 192.168.1.100 -j DROP
      • To Delete an iptables Rule
      sudo iptables -D INPUT -p tcp --dport 80 -j ACCEPT
      • To Save and Restore iptables Rules
        • Save command
      sudo iptables-save > /etc/iptables/rules.v4
        • Restore command
      sudo iptables-restore < /etc/iptables/rules.v4
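      As an added example that is not part of the original page, the following script assembles the iptables commands above into a complete stateful INPUT policy, adds the NAT and port-forwarding pieces mentioned in the introduction (nat table, FORWARD chain), and persists the result with iptables-save. It therefore also serves as the worked example for the stateful/stateless distinction from the "Types of Linux Firewalls" section. Two points the individual commands do not show: -m conntrack --ctstate ESTABLISHED,RELATED is what makes the ruleset stateful (replies are accepted without a per-port rule), and iptables stops at the first matching rule, so a DROP for a source address has to sit before the ACCEPT rules (a DROP appended with -A after an ACCEPT for port 80 does not block that host's HTTP). It prints the commands by default and executes them when APPLY=1. The interface names eth0/eth1, the blocked address 203.0.113.5 and the backend 10.0.0.10:8080 are constructed values.

```shell
#!/bin/sh
# Added example, not from the original page: a stateful iptables baseline plus
# NAT/port forwarding, then persisted with iptables-save.
# Dry run by default (prints each command); APPLY=1 executes them via sudo.
# Constructed values: WAN interface eth0, LAN interface eth1, blocked host
# 203.0.113.5, backend 10.0.0.10:8080 reached through inbound port 80.

WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
BLOCKED="${BLOCKED:-203.0.113.5}"
BACKEND="${BACKEND:-10.0.0.10}"
BACKEND_PORT="${BACKEND_PORT:-8080}"

# run: echo the command line in dry-run mode, otherwise execute it as root.
run() {
    if [ "${APPLY:-0}" = "1" ]; then
        sudo "$@"
    else
        printf '%s\n' "$*"
    fi
}

# filter_baseline: INPUT policy for the host itself (filter table, INPUT chain).
filter_baseline() {
    run iptables -F
    run iptables -X
    # Default policies: drop inbound and forwarded traffic unless a rule
    # accepts it; let the host's own outbound connections through.
    run iptables -P INPUT DROP
    run iptables -P FORWARD DROP
    run iptables -P OUTPUT ACCEPT
    run iptables -A INPUT -i lo -j ACCEPT
    # Stateful core: packets that belong to a tracked connection are accepted
    # here, so only NEW connections need per-port rules below. A stateless
    # ruleset would have to match every reply packet explicitly instead.
    run iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
    # Blocklist BEFORE the service rules: first match wins, so this DROP would
    # not stop HTTP from that host if it were appended after the port-80 ACCEPT.
    # To add such a rule to a live ruleset later, use "-I INPUT 1 ...", not "-A".
    run iptables -A INPUT -s "$BLOCKED" -j DROP
    run iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
    run iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
    run iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
    run iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
}

# nat_and_forward: the nat table rewrites addresses; the FORWARD chain of the
# filter table still has to accept the rewritten packets.
nat_and_forward() {
    run sysctl -w net.ipv4.ip_forward=1
    # Source NAT for LAN clients leaving through the WAN interface.
    run iptables -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE
    # Port forwarding: inbound WAN port 80 -> backend:8080, rewritten before
    # the routing decision (PREROUTING). Replies are un-NATed by conntrack.
    run iptables -t nat -A PREROUTING -i "$WAN_IF" -p tcp --dport 80 \
        -j DNAT --to-destination "$BACKEND:$BACKEND_PORT"
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -m conntrack --ctstate NEW -j ACCEPT
    # Only the forwarded port reaches the backend from outside; the FORWARD
    # DROP policy covers everything else.
    run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -p tcp -d "$BACKEND" \
        --dport "$BACKEND_PORT" -m conntrack --ctstate NEW -j ACCEPT
}

# persist: rules live only in kernel memory; iptables-save writes them to the
# file that iptables-restore (and the iptables-persistent service) reads back.
persist() {
    run sh -c 'iptables-save > /etc/iptables/rules.v4'
}

filter_baseline
nat_and_forward
persist
```

      Review the dry-run output first; the order in which the INPUT rules are printed is the order the kernel evaluates them, which is why the blocklist DROP appears before any ACCEPT for a service port.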

      This overview should help you choose the right tool for your needs and configure a Linux firewall that secures the system effectively.

      Summary of Commands for Configuring Firewalls

      Tool        Purpose                            Key Features                                         Command Examples
      firewalld   Dynamic firewall management        Zones, services, runtime/permanent rules             firewall-cmd --add-service=http --permanent
      ufw         Simplified firewall configuration  Easy-to-use CLI, predefined rules for common ports   ufw allow 22, ufw deny http
      iptables    Low-level firewall management      Full control over packet filtering, NAT              iptables -A INPUT -p tcp --dport 80 -j ACCEPT

      Categories: Unix/Linux OS
