Introduction to Firewalls: Configuring
iptables on Linux.
People who work in cybersecurity do not spend most of their
time looking at screens with text like you see in the movies. Their real job is
to protect servers and networks from people. They do this by setting up
firewalls and making sure that only good people can get into the system.
One of the things that Linux system administrators and
security engineers have to do is set up firewall rules. This is important
whether you are managing a website, a cloud server or a companys network. You
need to understand how iptables works.
A lot of people who are just starting out with Linux learn
the commands but they do not really understand how the firewall works or how it
helps keep the network safe.
If you are looking for a computer training institute in
Devli that actually teaches you how to do things not just theory then you
should learn about Linux firewall administration.
At Kodvidya Academy of Computer Technology students get to
practice setting up firewalls managing Linux servers and testing network
security in our computer labs at our Faridabad, Yamuna Vihar and Devli/Khanpur
campuses.
---
What is a Firewall?
A firewall is like a guard that watches all the traffic
coming into and going out of a network. It helps keep the network safe by
following a set of rules.
It acts like a checkpoint between the inside network and the
not-so-safe outside network.
If you do not have a firewall:
Bad people can get into your network.
Bad software can talk to its friends outside.
Bad people can look for weaknesses in your
network.
Important systems can get hurt.
---
How Network Traffic Flows
```text
Internet
│
▼
Router
│
▼
Linux Firewall (iptables)
│
┌──┴─────────────┐
▼ ▼
Allow Block
│ │
▼ ▼
Application Dropped
Packet
```
Every time a packet comes into the Linux machine the
firewall checks it against the rules before it gets to the application.
---
Understanding Network Packets
Every time computers talk to each other they send packets of
information. These packets have:
| Field |
Description |
| ---------------- | ---------------- |
Source IP | Who
is sending it |
| Destination IP |
Who is getting it |
| Source Port |
What door it uses |
Destination Port | What service it wants |
Protocol |
How it gets there |
Payload |
What it actually says |
Firewalls look at all this information to decide if it
should let the packet through or not.
---
Installing iptables
Most Linux systems already have iptables.
To check if it is installed:
```bash
sudo iptables --version
```
To see all the firewall rules:
```bash
sudo iptables -L
```
To see details:
```bash
sudo iptables -L -v
```
---
Understanding iptables Chains
iptables looks at packets in a certain order. This order is
like a chain.
| Chain |
Purpose |
| ------- | ---------------- |
| INPUT | Traffic
coming in
| OUTPUT | Traffic
going out |
Forward | Traffic being sent to someone else |
Each packet is checked against these chains to decide what
to do with it.
---
Common Firewall Actions
A firewall can do things to a packet.
| Action Meaning |
| ------ | ------------------------- |
ACCEPT | Let the packet through |
| DROP | Throw the
packet away |
| REJECT Send a message saying no |
| LOG | Write down
what happened |
Security teams use these actions to keep the network safe.
---
Viewing Existing Rules
To see the rules with numbers:
```bash
sudo iptables -L --line-numbers
```
This helps administrators find and change rules.
---
Allow SSH Access
To let people log in remotely:
```bash
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
```
This means:
`-A` → Add a rule
`INPUT` → Traffic coming in
`-p tcp` → Using the protocol
`--dport 22` → On port 22 which is for SSH
`ACCEPT` → Let it through
---
Allow Web Traffic
For HTTP:
```bash
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
```
For HTTPS:
```bash
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
```
These rules let websites on the server be seen from the
internet.
---
Blocking an IP Address
To stop traffic from an IP address:
```bash
sudo iptables -A INPUT -s 192.168.1.100 -j DROP
```
This keeps packets from that IP address from getting to the
server.
---
Blocking a Port
To stop Telnet (port 23):
```bash
sudo iptables -A INPUT -p tcp --dport 23 -j DROP
```
Stopping services makes the server safer.
---
Allowing ICMP (Ping)
```bash
sudo iptables -A INPUT -p icmp -j ACCEPT
```
Some places block ICMP for security but others allow it for
monitoring.
---
Setting Default Policies
A safe server usually blocks all traffic by default.
```bash
sudo iptables -P INPUT DROP
sudo iptables -P OUTPUT ACCEPT
sudo iptables -P FORWARD DROP
```
Then administrators let through the traffic they need.
---
Saving Firewall Rules
Firewall rules go away when you restart the server unless
you save them.
On Ubuntu/Debian:
```bash
sudo apt install iptables-persistent
sudo netfilter-persistent save
```
Saving rules keeps the server safe after a restart.
---
Firewall Best Practices
Only let through ports.
Turn off services you do not need.
Check firewall logs often.
Test rules before using them.
Write down every rule.
Follow the rule of privilege.
Back up firewall settings.
---
Real-World Scenario
Imagine a company has an application for its employees.
The security requirements are:
Let through HTTPS (443)
Only let SSH in from the admin network
Block Telnet
Block FTP
Do not let in traffic
Write down connection attempts
This is a typical job for Linux administrators and
cybersecurity professionals.
---
Tools Used Alongside iptables
Security engineers often use:
Kali Linux
Ubuntu Server
Wireshark
Nmap
Metasploit Framework
Burp Suite
OpenSSH
Fail2Ban
tcpdump
Nessus
Learning these tools with firewall configuration gives you a
base for a cybersecurity career.
---
Career Opportunities
Mastering Linux networking and firewall administration can
lead to jobs like:
Linux System Administrator
Network Administrator
Cybersecurity Analyst
SOC Analyst
Penetration Tester
Security Engineer
DevSecOps Engineer
Cloud Security Associate
Many companies look for people with Linux security skills.
---
Why Choose Kodvidya Academy of Computer
Technology?
If you are looking for a computer training institute in
Devli that focuses on cybersecurity training Kodvidya Academy offers:
Live Linux Server Labs
Hands-on Firewall Configuration
Ethical Hacking Fundamentals
Penetration Testing Practice
Network Security Projects
Offline Computer Lab Facility
Job-Oriented Curriculum Modules
Delhi NCR Career Workshops
Resume Building & Mock Interviews
Placement Assistance
Students get real-world experience by working on scenarios
like those in companies.
---
Firewalls are a part of keeping Linux systems safe.
Understanding how iptables works and how it helps protect servers is important
for system administrators and cybersecurity professionals.
If you are looking for a computer training institute in
Devli to learn Linux and cybersecurity skills visit Kodvidya Academy of
Computer Technology. Meet our trainers see our labs. Attend a free career
counseling session at our Faridabad, Yamuna Vihar or Devli/Khanpur campuses.
Our hands-on approach, offline labs and industry-focused curriculum will help
you build the confidence you need for a career in cybersecurity.
---
Frequently Asked Questions
Is iptables still used today?
Yes. Even though some Linux systems use nftables iptables is
still widely used and important for Linux administrators.
Do I need to know Linux before learning
iptables?
It is helpful to know Linux commands but with the right
training you can learn firewall concepts even if you are a beginner.
Which ports should always be protected?
protected ports include SSH (22) Telnet (23) FTP (21) and
database ports depending on what the server does.
Can knowing firewalls help me get a
cybersecurity job?
Yes. Firewall management Linux administration and network
security are skills, for many entry-level cybersecurity jobs.
No comments:
Post a Comment