From the course: Protecting Your Network with Open Source Software

Setting up a host firewall using iptables


- [Instructor] Let's set up a host firewall using iptables. The default rules for host firewalls are blocking all the incoming or ingress packets, allowing all the outgoing or egress packets and then disabling forwarding. Forwarding is for redirecting a packet coming to a particular network interface card, or NIC, to another NIC. Your computer usually has only a single network interface card. In our case, all we care about is the host itself. Therefore, forwarding is irrelevant.

Let's start by looking at the current Netfilter settings. We'll start by typing sudo, which temporarily makes you a root or super user only when you're issuing that particular command. Type sudo space iptables -L and press Enter. If your operating system or OS asks for a password for the root, provide one. The terminal displays the current Netfilter settings. According to the output, the chain INPUT accepts all the incoming packets. The FORWARD chain also accepts packets. The OUTPUT chain accepts all the outgoing or egress packets.

Let's see if the firewall rules work. Before moving on, let's check the IP address of the Ubuntu host. Type ifconfig. Press Enter. The IP address is 10.0.0.4. Keep this IP address in mind because we are going to ping this IP address from another host. The ping command is used for checking if a host is up or down. First, activate a command prompt. Type cmd. Choose Command Prompt. Type ipconfig. The IP address of this host is 10.0.0.5. Now I'm going to be pinging the Linux host from my Windows client by typing ping 10.0.0.4. Press Enter. My pings are receiving responses from the Ubuntu host. Great, the firewall rules are working because we want them to accept the incoming packets, like my pings.

Now we're going to set up our Netfilter firewall to block all the incoming traffic while disabling forwarding and allowing the outgoing traffic. The first command to give is sudo iptables -P. Make sure P is capital. Dash P indicates a default rule for a particular chain. To block forwarding, let's type FORWARD DROP. Press Enter. Let's check the updated forwarding rule. I can recall my previous commands by using the up arrow key and that's what I just did. The command is sudo iptables -L. Press Enter. Do you see the word DROP next to FORWARD? It was ACCEPT when we checked the status last time. Finally, let's drop all the incoming packets by typing sudo iptables -P INPUT DROP. Press Enter. At this point, if you're connecting to your virtual machine through a remote desktop client, you'll lose your access. That's exactly what happened to me here. The drop command certainly worked.

Now let's go back to our Windows host and try to ping the Ubuntu virtual machine again. I can recall my previous command here by using the up arrow key again. The command is ping 10.0.0.4. Press Enter. Your ping requests are timing out. There is no response, which means that the firewall is doing its job. What do you think? Setting up the host firewall using the CLI isn't that bad, right?
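The policy changes typed in the video, collected into a script as an added example (this is not the course's own code). It assumes root and the iptables conntrack match; it accepts loopback and already-established connections before INPUT is switched to DROP, which is what keeps a remote session alive at the point where the video loses its remote desktop connection, and `verify_policies` reads `iptables -L` output from stdin to confirm the three default policies.

```shell
#!/bin/sh
# Host firewall defaults from the lesson: INPUT DROP, FORWARD DROP, OUTPUT ACCEPT.
set -eu

# policy_of CHAIN  (reads `iptables -L` output on stdin)
# Prints the default policy from the header line "Chain INPUT (policy ACCEPT)".
# Works with or without -v, which appends packet counters after the policy.
policy_of() {
    chain="$1"
    sed -n "s/^Chain $chain (policy \([A-Z]*\).*/\1/p"
}

# Apply the defaults. Ordering matters: the two ACCEPT rules go in first so an
# existing SSH/RDP session is not cut off when the INPUT policy flips to DROP.
apply_host_policy() {
    iptables -A INPUT -i lo -j ACCEPT
    iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -P FORWARD DROP
    iptables -P OUTPUT ACCEPT
    iptables -P INPUT DROP
}

# verify_policies  (reads `iptables -L` output on stdin)
# Succeeds only when all three chains carry the expected default policy.
verify_policies() {
    out="$(cat)"
    [ "$(printf '%s\n' "$out" | policy_of INPUT)" = DROP ] &&
    [ "$(printf '%s\n' "$out" | policy_of FORWARD)" = DROP ] &&
    [ "$(printf '%s\n' "$out" | policy_of OUTPUT)" = ACCEPT ]
}

# Constructed sample of `iptables -L` output after the change (not captured
# from a real host), used for an offline dry run when no argument is given.
SAMPLE_LISTING='Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination'

case "${1:-check}" in
    apply) apply_host_policy; iptables -L -n | verify_policies && echo "host firewall defaults in place" ;;
    check) printf '%s\n' "$SAMPLE_LISTING" | verify_policies && echo "sample listing: defaults in place" ;;
esac
```

Run it as `sudo ./hostfw.sh apply` on the Ubuntu host (a hypothetical filename); without an argument it only checks the embedded sample listing.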
