Secure Your Linux Desktop with Iptables
Linux may have a reputation for security, but it isn’t perfect. Many distributions also don’t have the best security defaults, so it’s best to implement some best practices for security. One such example is using a firewall.
There are a few options for firewalls in Linux, but most are actually just wrappers around iptables. For this guide we will show you how to work with iptables directly.
What Is Iptables?
Iptables is the Linux kernel firewall. It comes with every Linux distribution, and it’s the most direct way to control traffic coming into and out of your computer.
Iptables has a reputation for being complex, and it can be. You don’t need to know everything about iptables to use it effectively on your desktop, though. You just need some basic knowledge of how it works and how its rules are structured.
Command Structure
All iptables rules follow the same basic structure. Each rule is a single-line command to iptables that tells it how to handle traffic on a specific port. Take a look at the example below:
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED,RELATED --sport 80 -j ACCEPT
That might look like a lot, but it’s really simple when you break it down. First, this rule begins with -A because it will append onto your iptables rules.
Next, the -i flag specifies the interface that the rule is for. In this case, it’s eth0. When you write your own rules, make sure that you know which interface you’re connected to your network through.
The following flag, -p, names the protocol. This rule is for tcp, the protocol that Web traffic uses.
The -m flag is a little different. It is used to assert that there is a condition that must be met in order for traffic not to be rejected. The condition in this rule is the state.
State is actually the next flag. You need to give --state a list of acceptable states written in all caps and separated with commas. This rule accepts established and related connections.
The second-to-last flag here is --sport. It stands for “source port,” and it tells iptables where the traffic is coming from. There is also a --dport flag that stands for “destination port.” It’s used for OUTPUT rules for handling which port traffic is arriving from.
Finally, there’s the -j flag. It tells iptables which action to “jump” to. In this case it should ACCEPT the traffic that meets the previous conditions.
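The breakdown above, as an added example (not code from the original article): a small Python parser that splits a rule line into the fields just described and reports whether an ACCEPT rule would also let in unsolicited NEW connections. The function names, field names and the second sample rule are constructed for illustration.

```python
import shlex

# Flags from the walkthrough above, mapped to descriptive field names.
FLAGS = {"-A": "chain", "-i": "in_interface", "-p": "protocol",
         "-m": "match", "--state": "states", "--sport": "source_port",
         "--dport": "dest_port", "-j": "target"}

# The rule shown in the article, plus one constructed rule for contrast.
ARTICLE_RULE = ("-A INPUT -i eth0 -p tcp -m state "
                "--state ESTABLISHED,RELATED --sport 80 -j ACCEPT")
CONSTRUCTED_RULE = "-A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT"

def parse_rule(rule):
    """Split one rule line into a dict of named fields."""
    tokens = shlex.split(rule)
    fields = {}
    for pos in range(0, len(tokens), 2):
        flag = tokens[pos]
        if flag not in FLAGS:
            raise ValueError(f"unsupported flag: {flag}")
        if pos + 1 >= len(tokens) or tokens[pos + 1].startswith("-"):
            raise ValueError(f"{flag} is missing its value")
        value = tokens[pos + 1]
        if flag == "--state":
            # --state belongs to the state module, so -m state must come first.
            if fields.get("match") != "state":
                raise ValueError("--state used without a preceding -m state")
            value = value.split(",")
        fields[FLAGS[flag]] = value
    return fields

def admits_new_connections(fields):
    """True if an ACCEPT rule also matches unsolicited (NEW) packets."""
    if fields.get("target") != "ACCEPT":
        return False
    states = fields.get("states")
    # No state match at all means the rule matches packets in every state.
    return states is None or "NEW" in states

if __name__ == "__main__":
    for rule in (ARTICLE_RULE, CONSTRUCTED_RULE):
        fields = parse_rule(rule)
        print(fields)
        print("  admits NEW connections:", admits_new_connections(fields))
```

The parser covers only the flags discussed in this guide and rejects anything else, so it is a reading aid for your own rule list rather than a replacement for iptables' own validation.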