Setting up IP Tables rules

Discussion in 'all things UNIX' started by Gargoyle, Jul 20, 2013.

Thread Status:
Not open for further replies.
  1. Gargoyle

    Gargoyle Registered Member

    Joined:
    Jun 2, 2007
    Posts:
    67
    I'm new to linux and recently installed Linux Mint on my computer. On Windows 7, I have a very good firewall that I trust and use on all my computers. As far as I know, for linux, the firewall is built into the system and we only have to set up these "ip tables" rules? What kind of rules should I implement? The more secure the system the better. I am using LInux as a bare-bones system for now.



    Thanks!
     
    Gargoyle, Jul 20, 2013
    #1
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    bodhizazen.net/Tutorials/iptables

    This is a very good guide.
     
    Hungry Man, Jul 20, 2013
    #2
  3. shuverisan

    shuverisan Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    185
    If you want to learn it, the Bodhi guide is great and there are a lot of blogs and Nixcraft articles on Iptables.

    But as a regular user you really don't need to mess with iptables, especially if you're behind a router. As a new user there are definitely better things to focus learning power on, like AppArmor and disabling unneeded services, IMO.

    Code:
    sudo ufw enable
    That is all you need to switch on the Linux firewall if you're not running servers. It blocks all incoming and allows all outgoing. That's the same as default Windows FW. If you want to go further, gufw is the graphical controller for ufw (and ufw is just a simplified frontend for iptables) and you can very easily tailor ufw to the ports, IP's and protocols you want.
    https://help.ubuntu.com/community/Gufw

    There's been good discussion on here about the differences on Linux vs Windows 'firewalls' due to how the OS's use permissions and access control.
    https://www.wilderssecurity.com/showthread.php?t=333138&page=2&highlight=linux firewall

    Basically, you'll be hard pressed to set up a Comodo FW-like solution in Linux, which I'm assuming you came from in Windows or something similar. Even iptables does not block application binaries. You can use ufw application rules to make specific allow/disallow rules for programs but I personally don't think the result is worth the effort.
     
    shuverisan, Jul 20, 2013
    #3
  4. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879
    Use a graphical firewall GUI frontend - in Ubuntu, GUFW is the best and its recommended to leave it on the default settings unless you have special requirements. All you have to do is turn on the firewall and its will provide active protection! :thumb:
     
    NormanF, Jul 20, 2013
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...