Install and Use Iptables on Ubuntu 22.04 – Best Practices

This guide from the Orcacore website shows how to install and use iptables on Ubuntu 22.04.

iptables is a tool for configuring the IP packet filter rules of the Linux kernel firewall. These rules let you control the network traffic on your server.

You can use iptables to filter both incoming and outgoing packets.

Steps To Install and Use Iptables on Ubuntu 22.04

To install and use iptables on Ubuntu 22.04, you must log in to your server as a non-root user with sudo privileges. To do this, you can follow our article on the Initial Server Setup with Ubuntu 22.04.

Now follow the steps below to Install and Use Iptables on Ubuntu 22.04.

Step 1 – iptables Installation on Ubuntu 22.04

First, run the system update with the following command:

sudo apt update

By default, iptables comes pre-installed in most Linux distributions.

Note: If it is not installed on your server, you can install the iptables firewall with the following command:

sudo apt install iptables

You can check your iptables configuration with the following command:

sudo iptables -L -v

In the above command, the -L option lists all rules and the -v option shows more detailed information.

In your output you will see:

Output
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Now that you have installed iptables on Ubuntu 22.04, let’s see some basic usage of it.

Step 2 – How To Use iptables?

In this part, we intend to show you some basic usage of iptables on your server (firewall using iptables on Ubuntu).

Define a Rule with iptables:

You can use iptables to define a rule. Defining a rule means appending it to a chain.

To do this, use the -A option after the iptables command on Ubuntu 22.04 as shown below:

sudo iptables -A [argument]

Also, you can combine the command with other options like:

  • -i: The network interface whose traffic you want to filter, such as eth0, lo, ppp0, etc.
  • -p: The network protocol to filter on. It can be tcp, udp, udplite, icmp, sctp, icmpv6, and so on. You can also type all to match every protocol.
  • -s: The address from which traffic comes. You can add a hostname or IP address.
  • --dport: The destination port number of a protocol, such as 22 (SSH), 443 (https), etc. It is only available together with a protocol such as -p tcp or -p udp.
  • -j: The target name (ACCEPT, DROP, RETURN). You need to insert this every time you make a new rule.

iptables Command in Order:

If you want to use all of the parameters, you need to type the iptables command on Ubuntu 22.04 in the order shown below:

sudo iptables -A <chain> -i <interface> -p <protocol (tcp/udp) > -s <source> --dport <port no.>  -j <target>

iptables Allow Traffic:

To allow traffic on localhost, you can use the following iptables command:

sudo iptables -A INPUT -i lo -j ACCEPT

iptables Enable Connection:

You can allow incoming connections for a service such as SSH with an iptables command like this:

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Then, you can check the rule that has been appended in iptables on Ubuntu 22.04 with the command below:

sudo iptables -L -v

In your output you will see:

Output
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh

iptables Filter Packets:

iptables allows you to filter packets based on an IP address or a range of IP addresses. To do this, use the -s parameter in the iptables command on Ubuntu 22.04. For example:

sudo iptables -A INPUT -s 10.10.0.1 -j ACCEPT

iptables Reject Packets:

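You can also reject packets from an address by dropping them with the command below. The DROP target discards the packets silently, without sending a reply to the sender: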

sudo iptables -A INPUT -s 10.10.0.1 -j DROP

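iptables Drop All Traffic:

Also, you can drop all other traffic simply by using the following command. Rules in a chain are evaluated in order and the first match wins, so append this rule only after the ACCEPT rules you need (including the SSH rule, if you are connected over SSH):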

sudo iptables -A INPUT -j DROP
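
Because iptables evaluates a chain from top to bottom, any rule appended after an unconditional DROP never matches. The following check is an added example, not part of the original guide: it reads rules in the format printed by iptables -S and reports the ones that are unreachable. The function names and the sample rule dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: find rules that can never match because they were appended
# after a catch-all rule. Input is the text printed by `sudo iptables -S`.

# Constructed sample dump: the SSH rule was appended after the catch-all DROP.
sample_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 10.10.0.1/32 -j ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

# Print every rule of chain $1 (default INPUT) that follows an unconditional
# terminating rule. A rule is unconditional when "-j" comes directly after the
# chain name, i.e. it has no -i/-p/-s/--dport match in front of the target.
# Jumps into user-defined chains are not followed.
shadowed_rules() {
  awk -v chain="${1:-INPUT}" '
    $1 == "-A" && $2 == chain {
      if (terminated) { print; next }
      if ($3 == "-j" && $4 ~ /^(DROP|REJECT|ACCEPT)$/) terminated = 1
    }'
}

# Exit status 0 when no rule is shadowed, 1 otherwise, for use in scripts.
ruleset_ok() {
  [ -z "$(shadowed_rules "$@")" ]
}

# Demonstration on the constructed sample: prints the unreachable SSH rule.
sample_rules | shadowed_rules
```

On a live system, pipe `sudo iptables -S` into `shadowed_rules`. A reported rule can be deleted with -D and put back above the catch-all with `sudo iptables -I INPUT <num> ...`, which inserts at a given position instead of appending.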

iptables Delete Rules:

To delete all current rules on your iptables firewall you can use the following command:

sudo iptables -F

To delete a specific rule, you need to first check the available rules of iptables on Ubuntu 22.04 by typing the following command:

sudo iptables -L --line-numbers

In your output you will see:

Output
num target prot opt source destination
1 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
2 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh

To delete a specific rule, specify the chain and the rule number in the command below:

sudo iptables -D INPUT 2

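To save the changes so that they can be applied on boot, dump the current rule set with the following command. It writes the rules to standard output, so redirect the output to a file as shown in the section on saving rules below: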

sudo /sbin/iptables-save

Disable iptables Ubuntu:

If you want to disable iptables, you can use the following commands:

sudo iptables -F
sudo /sbin/iptables-save

In your output you will see:

Output
:INPUT ACCEPT [19:2597]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [6:528]
...

If you want more detailed information about iptables and its options, it is highly recommended to read its manual:

man iptables

Can We Start and Enable iptables as a service on Ubuntu?

In this part of the guide, we want to check whether iptables can be started as a service. iptables is not a service or program that you can ‘start’, ‘enable’, or ‘stop’. You simply run iptables commands to carry out your tasks, and there is no iptables service to manage from systemd. As we said in the article, you can check your configuration by using the command below:

sudo iptables -L

How To Show Iptables Rules on Ubuntu?

You can easily list your iptables rules on Ubuntu by using the commands below:

To list IPv4 rules, you can run:

sudo iptables -S

Get the list of all IPv6 rules with the command below:

sudo ip6tables -S

To list all rules in detail with numeric addresses, one page at a time, you can run:

sudo iptables -L -v -n | more

Note: On Ubuntu 22.04, iptables keeps its rules in RAM, meaning they are non-persistent and are lost on reboot.

How To Save iptables Rules Persistent in Ubuntu?

At this point, you have learned to install and use iptables on Ubuntu 22.04. If you want to save and restore your iptables rules (as an alternative to installing iptables-persistent on Ubuntu), you can follow the steps below:

First, you can use iptables as normal to set up your rules the way you want them.

Then, you can freeze the rules with the following command:

sudo iptables-save | sudo tee /etc/iptables.conf

Then, to load your rules, you can run:

sudo iptables-restore < /etc/iptables.conf

To load the rules automatically at boot, add this command to /etc/rc.local or a similar startup script, which makes the iptables rules persistent across reboots. Alternatively, you can have your own program call this executable, or simply pass the same iptables rules again each time.

Conclusion

iptables is a powerful firewall that you can easily install and use. Every system administrator must learn at least the basics of iptables. With this guide, you have learned to Install and Use Iptables on Ubuntu 22.04.
