iptables

Last post we talked about firewalls and what they mean. I did a lot of talking about what a firewall should do, not how to make it do that. I also said the program that Linux uses is called iptables.

This time, we'll talk about how to configure firewalls. These are commands that can only be run as root, not as computerlamp or yourself. This is an informative post, not one you should run out and try. If you really do need firewall rules, I suggest you look for a more complete reference first.

A firewall rule doesn't exist by itself; it's part of an ordered list. iptables calls these chains. The ones you'll use most are the built-in INPUT, OUTPUT and FORWARD chains of the filter table: INPUT is for traffic addressed to this machine, OUTPUT for traffic it sends, and FORWARD for traffic passing through it. A packet is checked against the chain's rules from top to bottom, and the first rule that matches decides what happens to it; if nothing matches, the chain's default policy applies.

So, iptables has lots of flags. Lots and lots of flags. These are just a few:

Short flag   Long flag         What is it?
-p           --protocol        The protocol (tcp, udp, icmp, ...)
-s           --source          Where's this coming from? (source address or network)
-d           --destination     Where's this going to? (destination address or network)
-i           --in-interface    What interface is it coming in on? (not allowed in the OUTPUT chain)
-o           --out-interface   What interface is it going out on? (not allowed in the INPUT chain)
-j           --jump            What do I do with it? (a target such as ACCEPT, DROP or REJECT)
-A           --append          Add the rule to the end of the listed chain

The loopback interface (lo) is the one where the computer talks to itself. The computer needs to be able to talk to itself, so the command looks like:

iptables -A INPUT -i lo -j ACCEPT

That means add this rule to the INPUT chain. Now, for the loopback interface, accept all traffic coming in.

iptables -A OUTPUT -o lo -j ACCEPT

Add this rule to the OUTPUT chain and accept all traffic going out on the loopback interface. Note that the flag changed: -i names the interface a packet arrived on, which makes no sense for a packet this machine is sending, so iptables rejects -i in the OUTPUT chain. For OUTPUT you match the outgoing interface with -o.

Now suppose my friend is being really annoying and is attempting to hack my computer. I know what IP address his computer has, so I want to stop him at my firewall. Then he can be annoying all he wants, and I’ll never know.

iptables -A INPUT -s 8.8.8.8 -j DROP

Drop all traffic from the source 8.8.8.8, and don't forget, add this rule to the INPUT chain. Because -A appends to the end of the chain, a rule added this way only sees packets that no earlier rule has already accepted, so where the rule lands matters: a DROP that sits below a broad ACCEPT never fires.

Now 8.8.8.8 is Google's public DNS server, so I don't necessarily want to drop all traffic from there; if this machine actually used it for DNS, the rule would drop the replies and break name resolution. I just didn't want to publish my friend's IP address.
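As an added example that is not part of the original post, here are the loopback and DROP rules above assembled into one ordered ruleset, written in the format iptables-restore reads so the whole thing is loaded in one step instead of rule by rule. It goes a bit beyond the post by setting chain policies, allowing replies to connections the machine started, and allowing inbound SSH; those additions, the helper names, and the blocked address 203.0.113.7 (a documentation range standing in for the friend's address) are assumptions. It also includes a small check for the -i/-o mix-up from the loopback example.

```shell
#!/bin/sh
# Added example, not code from the original post. Helper names, the SSH and
# conntrack rules, and the address 203.0.113.7 are assumptions for illustration.

# Print a complete filter-table ruleset that blocks the given source address.
# iptables-restore ignores lines starting with '#', so the comments can stay.
build_ruleset() {
    blocked_ip="$1"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Rules are checked top to bottom and the first match wins, so the DROP for
# the annoying host goes first; placed after a broader ACCEPT it would never fire.
-A INPUT -s ${blocked_ip} -j DROP
# Loopback: -i selects the incoming interface (INPUT), -o the outgoing (OUTPUT)
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Replies to connections this machine started (assumed: stateful matching wanted)
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Inbound SSH (assumed: the box is administered remotely; drop this line if not)
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# Anything else arriving falls through to the INPUT policy above, which is DROP
COMMIT
EOF
}

# Read a ruleset on stdin and fail if -i is used in OUTPUT or -o in INPUT.
# iptables itself rejects both; this catches the mistake before loading.
check_interface_flags() {
    ruleset="$(cat)"
    if printf '%s\n' "$ruleset" | grep -Eq -- '^-A OUTPUT( .*)? (-i|--in-interface) '; then
        echo "error: -i/--in-interface is not valid in the OUTPUT chain" >&2
        return 1
    fi
    if printf '%s\n' "$ruleset" | grep -Eq -- '^-A INPUT( .*)? (-o|--out-interface) '; then
        echo "error: -o/--out-interface is not valid in the INPUT chain" >&2
        return 1
    fi
    return 0
}

# Load the ruleset atomically (all rules or none). Needs root, as the post says.
apply_ruleset() {
    if [ "$(id -u)" -ne 0 ]; then
        echo "apply_ruleset: must run as root" >&2
        return 1
    fi
    build_ruleset "$1" | check_interface_flags || return 1
    build_ruleset "$1" | iptables-restore
}

# "sh firewall.sh" prints the ruleset; "sh firewall.sh --apply [ip]" loads it.
case "${1:-}" in
    --apply) apply_ruleset "${2:-203.0.113.7}" ;;
    *)       build_ruleset "${1:-203.0.113.7}" ;;
esac
```

Run it without arguments first and read the output; iptables-restore replaces the whole filter table in one go, so a mistake in the ruleset is less likely to leave you with a half-applied firewall than a sequence of individual iptables commands would, but it also means a typo in the SSH rule can lock you out of a remote machine.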

Read the man page for iptables and you'll see there are all sorts of flags I didn't mention. Remember, this isn't for you to run out and change the firewall on your Linux system; it's just to talk about what you could do.
