Objective

Hands-on practice with firewall configuration techniques.

Tools & Technologies

  • iptables
  • firewalld
  • ufw

Key Commands

iptables -A INPUT -p tcp --dport 22 -j ACCEPT
firewall-cmd --permanent --add-service=http
ufw allow 443/tcp
iptables-save > /etc/iptables/rules.v4

Lab Steps

01 iptables Basics

Create INPUT, OUTPUT, and FORWARD chain rules with iptables.

02 Default Deny Policy

Set default DROP policies and whitelist required services.

03 firewalld Zones

Use firewalld zones to assign trust levels to network interfaces.

04 Persistence

Save iptables rules with iptables-save and restore on boot.

Challenges Encountered

  • Order of iptables rules matters — first match wins
  • firewalld and iptables can conflict — use one or the other

Key Takeaways

  • Always set the default DROP policy only after a rule allowing management access is in place
  • Test rules before persisting — a bad firewall rule can lock you out
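An added example (not part of the original lab notes) for the "first match wins" challenge and the two takeaways above: a simplified first-match evaluator that reads INPUT rules in `iptables -S` format and reports what would happen to a new TCP connection on a given port, so the management port can be checked before a ruleset is applied or persisted. The function names and both sample rulesets are constructed for illustration, and the evaluator only models the rule forms named in its comments.

```sh
#!/bin/sh
# Simplified model: understands "-P INPUT <policy>" and
# "-A INPUT [-p tcp [-m tcp] --dport N] -j ACCEPT|DROP|REJECT".
# Rules using any other match (conntrack, -s, -i, ...) are skipped, not evaluated.
verdict() {   # usage: verdict <tcp-port> < rules ; prints "<VERDICT> <source>"
    awk -v port="$1" '
        $1 == "-P" && $2 == "INPUT" { policy = $3; next }
        $1 == "-A" && $2 == "INPUT" {
            n++; proto = dport = target = ""; skip = 0
            for (i = 3; i <= NF; i += 2) {
                if      ($i == "-p")      proto  = $(i + 1)
                else if ($i == "--dport") dport  = $(i + 1)
                else if ($i == "-j")      target = $(i + 1)
                else if ($i == "-m" && $(i + 1) == "tcp") continue
                else skip = 1                       # match type not modelled
            }
            if (skip || target !~ /^(ACCEPT|DROP|REJECT)$/) next
            if (proto != "" && proto != "tcp") next
            if (dport != "" && dport != port) next
            if (!hit) { print target, "rule " n; hit = 1 }   # first match wins
        }
        # No rule matched: the chain policy decides (built-in default is ACCEPT).
        END { if (!hit) print (policy == "" ? "ACCEPT" : policy), "policy" }
    '
}

# Constructed sample: catch-all DROP appended before the SSH rule (lockout).
rules_bad() { cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

# Constructed sample: allow rules first, default-deny via the chain policy.
rules_good() { cat <<'EOF'
-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
EOF
}

for ruleset in rules_bad rules_good; do
    printf '%s: tcp/22 -> %s\n' "$ruleset" "$("$ruleset" | verdict 22)"
done
```

On a live host the same check can be fed from `iptables -S INPUT`, keeping in mind that rules with matches outside this simplified model are ignored.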