Firewall Configuration

This lesson covers essential concepts and practical steps for configuring firewalls in a Linux environment, focusing on both security and performance.

1. Introduction

A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Firewalls can be hardware-based or software-based.

2. Types of Firewalls

Firewalls can be categorized into several types:

• Packet Filtering Firewalls
• Stateful Inspection Firewalls
• Proxy Firewalls
• Next-Generation Firewalls (NGFW)

3. Using iptables

iptables is a user-space utility that allows a system administrator to configure the IP packet filter rules of the Linux kernel firewall.

3.1 Basic Commands

Here are some common iptables commands:

sudo iptables -L             # List all rules
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT  # Allow SSH
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT  # Allow HTTP
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT # Allow HTTPS
sudo iptables -P INPUT DROP       # Drop all other inbound traffic
            

3.2 Saving the Configuration

To save your configuration, use:

sudo iptables-save > /etc/iptables/rules.v4

4. Using UFW (Uncomplicated Firewall)

UFW is a user-friendly front-end for managing iptables firewall rules.

4.1 Basic Commands

To manage your firewall with UFW, use the following commands:

sudo ufw enable               # Enable UFW
sudo ufw allow 22                # Allow SSH
sudo ufw allow 80                # Allow HTTP
sudo ufw allow 443               # Allow HTTPS
sudo ufw status                   # Check firewall status
            

5. Best Practices

When configuring firewalls, consider the following best practices:

• Implement the principle of least privilege.
• Regularly review and update firewall rules.
• Log and monitor firewall traffic.
• Use strong passwords and secure authentication methods.
• Keep firewall software up to date.

6. FAQ