Firewall Management with iptables

Modern DevSecOps (The Hard Way)

Network Security at the Kernel Level

iptables allows you to define rules for what traffic can enter or leave your server.

Commands:

  • List rules: sudo iptables -L -n -v
  • Allow established connections: sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
  • Block everything else (Default DROP policy): sudo iptables -P INPUT DROP

Warning: Ensure you have allowed your SSH port before setting the default policy to DROP, or you will be locked out!
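
One way to enforce the warning above is a pre-flight check that refuses to set the DROP policy unless the INPUT chain already has an effective ACCEPT rule for SSH. This is an added example, not part of the original lesson; SSH_PORT, ssh_allowed and lockdown are names chosen here, and port 22 is an assumed default.

```shell
#!/bin/sh
# Added example: pre-flight check before `iptables -P INPUT DROP`.
# SSH_PORT is an assumption (22 by default); set it to the port sshd listens on.
SSH_PORT="${SSH_PORT:-22}"

# Reads rules in `iptables -S INPUT` format on stdin and walks them in order,
# because the first matching rule wins. Returns 0 only if an unrestricted
# ACCEPT for tcp/$1 is reached before any rule that would block that port.
ssh_allowed() {
    port="$1"
    while read -r line; do
        case "$line" in
            "-A INPUT "*"-p tcp "*"--dport $port "*"-j ACCEPT"*)
                case "$line" in
                    # ACCEPT narrowed by source or interface: not proof that
                    # your own session is covered, so keep looking.
                    *" -s "*|*" -i "*) continue ;;
                esac
                return 0 ;;
            # Any other target (DROP, REJECT, ...) for this port comes first.
            "-A INPUT "*"-p tcp "*"--dport $port "*"-j "*) return 1 ;;
            # A catch-all DROP/REJECT placed before the SSH rule blocks it too.
            "-A INPUT -j DROP"*|"-A INPUT -j REJECT"*) return 1 ;;
        esac
    done
    return 1
}

# Applies the lesson's rules in a safe order (needs root). `iptables -C`
# checks whether a rule already exists so it is not appended twice.
lockdown() {
    iptables -C INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT 2>/dev/null ||
        iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -C INPUT -p tcp --dport "$SSH_PORT" -j ACCEPT 2>/dev/null ||
        iptables -A INPUT -p tcp --dport "$SSH_PORT" -j ACCEPT
    if iptables -S INPUT | ssh_allowed "$SSH_PORT"; then
        iptables -P INPUT DROP
    else
        echo "refusing to set DROP: no effective ACCEPT for tcp/$SSH_PORT" >&2
        return 1
    fi
}

# Only touch the firewall when explicitly asked: sudo sh lockdown.sh apply
if [ "${1:-}" = "apply" ]; then
    lockdown
fi
```

The check is deliberately conservative: an SSH rule limited to one source address or interface is treated as unproven, so confirm such rules by hand before changing the policy.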