Everything You need to Know about IPtables On Ubuntu Linux

Posted on September 22nd, 2022

Networking in Linux is one of the most critical concept for you if you work on Linux systems reguarly. For any Linux administrator having core knowledge about IPs and firewalls is important. 

No matter which application is deployed on Linux, clients won’t be able to access the website if the firewall on server is not properly configured. It is even dangerous if no firewall is configured on the system.

In this tutorial, we will learn about the firewalls and Iptables in the Ubuntu Linux Operating system. After learning about IPTables from this tutorial, you will be able to easily understand the rules to correctly apply and manage firewall on your Ubuntu server.

Setting up a firewall or Ip tables may seem complicated, but it’s not. We will understand tables, chains, and inbound and outbound rules in an Iptable.

What Is Iptable In Ubuntu Linux Operating System 

To understand the concept of Iptable in any operating system, first, we need to know what is an IP address. Ip stands for internet protocol. 

The IP address is labeled and attached to a computer network. This address uses the internet protocol to access the internet or other networks. 

There are mainly two types of IPs. The first is the private IP, and the second is the public IP.

To understand what Iptables are, let us first understand what a firewall is.

A firewall is a barrier or wall between networks, your operating systems, and their applications.

Any network or IP address will first have to face the operating system’s firewall; only after clearing the firewall network the IP address can enter or access the server and its applications. 

But the firewall is just the upper layer of security. To make your system more secure, we must configure the Iptables to restrict or permit access to a specific network, IP addresses, and port numbers. 

Now, let us understand how we can install Iptables on Ubuntu.

How To Install Iptables in Ubuntu Linux Operating system

As Ubuntu is a Debian-based operating system, we will use the apt package manager for installing the iptables.

Most of the time, iptables is pre installed in Ubuntu, so check if the iptables is installed or not by using the following command.

$ sudo iptables -l

Commands To Install Iptable on Ubuntu

If iptables is not installed, Execute the following command to install Iptables instantly on your server.

$ sudo apt install iptables

It may take a few minutes to install and configure iptables package on your server. Once the installation is complete, Iptables is ready for managing traffic on your server. Let’s learn a few important tables in IpTables first. Then we will see how to allow or deny traffic from specific IP address or on specific port of your server.

Important Types Of Tables In Iptables  

There are mainly 4 types of tables in Iptable. I have listed them below and also provided a short explanation about them.

1. Filler Table 

Most of the time, we will be using the filler table. This table is used when we want to allow the packets to reach their destination.

2. NAT (Network Address Translation) Table

The NAT table will change the source and destination of the packages. Some services can’t be directly accessed, so we use the network address translation to access them.

3. Mangle Table

The mangle tables are used for making changes in the IP headers. Mainly they have three types.

  1. COUGH
  2. TTL 
  3. MARK

4. RAW Table

In Linux, the system can track the packets with their state. If we want to work with these packets without monitoring their condition, we use the mangle table.

Types Of Command Options In Iptables

Command options allow you to take a specific action on the firewall rules. Here are a few examples of command options.

  1. A: If you want to add a new rule to the existing chain at the end of the line, we use -a in the command.
  1. I: Unlike -a, where one can only add a rule at the end of the line, with – I, we can add a new tradition at any specific position in the table.
  1. D: If you want to delete any rule in the table, add – d in the command.
  1. X: If the user wants to delete the rules and the entire chain, we use – x in the command.

There are many more commands, but those mentioned above are most frequently used in iptables. You can use man iptables command to learn all the available command options in iptables.

How To List All The Iptables In Ubuntu

To list all the current firewall configurations in Ubuntu, execute the command mentioned below.

$ sudo iptables -L

The above data will give you an idea of which IP is passing through the firewall and which IPs and networks are restricted.

How To Allow And Restrict IP By Using IPTables

Now, let us understand how we can allow or restrict a specific type of network by using the table.

Every network runs on top of a port; for instance, HTTPS runs on the 443 port number.

So, if we want to block all the https access from our ubuntu operating system, we use the following command.

$ sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Let’s break the above command to understand what we have accomplished. The –dport tag allows any port in the table.

The ACCEPT tag lets our table know that we want to allow https access to our Ubuntu OS.

Similarly, we use the below command if we want to reject the https access from our operating system.

$ sudo iptables -A INPUT -p tcp --dport 443 -j REJECT

The above command will reject all the networks that run on the 443 port.

How To Accept Or Block A Specific IP Address in IPTable

If we want to accept or restrict a specific ip address from the firewall/OS/Iptable, then we use the below command

$ sudo iptables -A INPUT -s 2.2.2.2 -j ACCEPT

You can replace the above 2.2.2.2 ip with any other ip.

If we want to reject any particular IP, we use the below command.

$ sudo iptables -A INPUT -s 2.2.2.2 -j REJECT

If we want to drop packets for any specific IP, we use the below command.

$ sudo iptables -A INPUT -s 2.2.2.2 -j DROP

Update the IP address according to your requirements. You can also combine block IP address and block port together in a single Firewall rule. It means that you can also block requests on specific port for specific IP address.

Conclusion

Iptables are easy to understand and a robust tool in Ubuntu to manage firewall for the system. In this article, we learned about Iptables, firewalls and installing the Iptables on the Ubuntu operating system. We have also figured out how to allow specific networks, Ip addresses and port numbers to be allowed or restricted from our ubuntu machine.

We hope this tutorial was helpful for you. If you have any questions, You can use the comment section given below to reach us. We are happy to help.

Leave a Reply