IP Tables

iptables firewall rules and configuration

To install iptables:

apt install iptables

Also install the following package so that iptables rules persist after a reboot:

apt install iptables-persistent

Once this is installed, the /etc/iptables folder will contain two files, one for IPv4 rules and one for IPv6 rules:

  • /etc/iptables/rules.v4
  • /etc/iptables/rules.v6

Typically, an iptables command is as follows:

iptables [option] CHAIN_rule [-j target]

Here is a list of some common iptables options:

  • -A --append: Adds a rule to a chain (at the end).
  • -C --check: Checks whether a rule matching the specification exists in the chain.
  • -D --delete: Removes the specified rules from a chain.
  • -F --flush: Deletes all rules.
  • -I --insert: Adds a rule to a chain at a given position.
  • -L --list: Displays all rules in a chain.
  • -N --new-chain: Creates a new chain.
  • -v --verbose: Displays more information when using a list option.
  • -X --delete-chain: Deletes the supplied chain.

To display all the current rules on your server, enter the following command in the terminal window:

sudo iptables -L

It may be easier to view them with line numbers:

sudo iptables -L INPUT --line-numbers -n

Insert a rule at a specific position in a chain with the following command, where 5 is the position at which the new rule will be placed:

sudo iptables -I INPUT 5 -s 128.240.250.135 -j ACCEPT

Control traffic by IP address

Use the following command to accept traffic from a specific IP address.

sudo iptables -A INPUT -s your_IP_address_to_authorise -j ACCEPT

Replace the IP address in the command with the IP address you want to authorise.

You can also block traffic from an IP address:

sudo iptables -A INPUT -s your_IP_address_to_block -j DROP

Replace the IP address in the command with the IP address you want to block.
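
A chain is evaluated from top to bottom and the first matching ACCEPT or DROP rule decides the packet, so a rule appended with -A after an earlier rule for the same address never takes effect; this is the case -I with a position is for. The following is an added example, not part of the original page, that scans `iptables -S INPUT` output for such rules. The function name `shadowed_rules` and the sample ruleset are constructed for illustration, and only rules of the `-s <address> -j ACCEPT|DROP` form used on this page are checked.

```shell
#!/bin/sh
# Constructed sample in `iptables -S INPUT` format (documentation-range addresses).
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -s 203.0.113.7/32 -j DROP
-A INPUT -s 198.51.100.20/32 -j ACCEPT
-A INPUT -s 203.0.113.7/32 -j ACCEPT
-A INPUT -s 192.0.2.0/24 -j DROP'

# shadowed_rules [chain]: read `iptables -S` output on stdin and print each
# "-s <addr> -j ACCEPT|DROP" rule whose source an earlier rule already decides.
# Line format: <rule no.> <source> <target> shadowed-by <earlier no.> <earlier target>
# Limitation: sources are compared as text, so overlapping CIDR ranges are not detected.
shadowed_rules() {
    awk -v chain="${1:-INPUT}" '
    $1 == "-A" && $2 == chain {
        n++                                   # same numbering as --line-numbers
        src = ""; tgt = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-j") tgt = $(i + 1)
        }
        # Skip rules with extra matches (ports, interfaces, ...): they are narrower.
        if (NF != 6 || src == "" || (tgt != "ACCEPT" && tgt != "DROP")) next
        if (src in first) {
            printf "%d %s %s shadowed-by %d %s\n", n, src, tgt, first[src], verdict[src]
        } else {
            first[src] = n; verdict[src] = tgt
        }
    }'
}

# Demo on the constructed sample. On a live host: sudo iptables -S INPUT | shadowed_rules
printf '%s\n' "$SAMPLE_RULES" | shadowed_rules
```

In the sample, rule 3 (ACCEPT) is reported because rule 1 already drops the same source; inserting the ACCEPT at position 1 with -I would make it the deciding rule instead.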
