Basic firewall using iptables
A firewall is a network service that filters network traffic, blocking unwanted traffic and allowing the desired traffic to pass. The standard firewall tool for Linux is iptables, which is integrated into the kernel in recent versions.
How to do it...
iptables is present by default on all modern Linux distributions. It's easy to configure for common scenarios:
- If you don't want to contact a given site (for example, a known malware site), you can block traffic to that IP address:
# iptables -A OUTPUT -d 8.8.8.8 -j DROP
If you run ping 8.8.8.8 in another terminal and then run the iptables command, you will see this:
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=56 time=221 ms
64 bytes from 8.8.8.8: icmp_req=2 ttl=56 time=221 ms
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
Here, the ping fails the third time because we used the iptables command...
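An added example, not from the original text: running the -A command above a second time appends the same rule again, so this sketch checks with -C before appending and removes the rule with -D. The function names and the DRY_RUN switch are assumptions of the example, and it accepts only a single dotted-quad IPv4 address.

```shell
#!/bin/sh
# Added example: idempotent add/remove of the OUTPUT drop rule shown above.
# DRY_RUN is an assumption of this sketch: DRY_RUN=1 prints the iptables
# command instead of running it, so the logic can be checked without root.
DRY_RUN="${DRY_RUN:-0}"

ipt() {
    if [ "$DRY_RUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

# valid_ipv4 ADDR: succeed only for a dotted-quad address (0-255 per octet).
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# block_dest ADDR: drop outbound traffic to ADDR, without stacking duplicates.
block_dest() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    # -A always appends; -C tests whether an identical rule already exists.
    if [ "$DRY_RUN" != 1 ] && iptables -C OUTPUT -d "$1" -j DROP 2>/dev/null; then
        return 0
    fi
    ipt -A OUTPUT -d "$1" -j DROP
}

# unblock_dest ADDR: remove the rule; -D takes the same match specification.
unblock_dest() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    ipt -D OUTPUT -d "$1" -j DROP
}
```

Run the functions as root. `iptables -L OUTPUT -n -v` lists the rule together with its packet counters.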