
Implementing firewall rules with iptables on AlmaLinux

In this tutorial, we'll explain how to implement firewall rules with iptables on AlmaLinux 8, covering the steps to install, configure, and manage it.

By Anurag Singh
Updated on Jul 08, 2024
Category: Tutorial

In this tutorial, we'll explain how to implement firewall rules with iptables on AlmaLinux 9. The process involves a series of steps to install, configure, and manage iptables. Here's a detailed guide:

Step 1: Install iptables

Most modern Linux distributions, including AlmaLinux, come with iptables installed by default. The following command installs it if it is missing, along with the iptables-services package that provides the iptables systemd service:

sudo yum install iptables iptables-services -y

Step 2: Enable and Start iptables

Enable the iptables service to start on boot and start the service:

sudo systemctl enable iptables
sudo systemctl start iptables

Step 3: Basic iptables Commands

List current rules:

sudo iptables -L -v

Add a rule:

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Delete a rule:

sudo iptables -D INPUT -p tcp --dport 22 -j ACCEPT

Save rules:

sudo service iptables save

Restore the saved rules (restarting the service reloads them):

sudo service iptables restart

Step 4: Example iptables Configuration

Here's an example of a basic iptables configuration:

Flush existing rules:

sudo iptables -F

Set default policies:

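Be careful with the following commands. They will disconnect you from your server if you are connected over SSH, because at this point no rule accepts that traffic yet. Run them from a local or out-of-band console.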

sudo iptables -P INPUT DROP 
sudo iptables -P FORWARD DROP
sudo iptables -P OUTPUT ACCEPT

Allow loopback traffic:

sudo iptables -A INPUT -i lo -j ACCEPT

Allow established and related connections:

sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

Allow SSH connections:

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Allow HTTP and HTTPS connections:

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Save the rules:

sudo service iptables save

Step 5: Persisting Rules Across Reboots

To ensure your iptables rules persist across reboots, save the rules using:

sudo service iptables save

The rules will be saved in /etc/sysconfig/iptables.

Step 6: Managing iptables with Scripts

For more complex setups, you can create a script to manage your iptables rules. Create a script, and add your rules there:

vi iptables.rules

Add the following script:

#!/bin/bash

# Flush existing rules
iptables -F

# Set default policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Allow loopback traffic
iptables -A INPUT -i lo -j ACCEPT

# Allow established and related connections
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Allow SSH
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Allow HTTP and HTTPS
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT

# Allow additional application ports (8080 and 3000)
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
iptables -A INPUT -p tcp --dport 3000 -j ACCEPT

# Save rules
service iptables save

Save and exit the editor.

Make the script executable:

sudo chmod +x iptables.rules

Run the script to apply the rules:

sudo ./iptables.rules
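
As an added example (not part of the original tutorial), the script below applies the Step 4 ruleset through iptables-restore, which replaces the filter table in a single commit, and puts the previous rules back unless you confirm from a new SSH session within 60 seconds. The file name safe-apply.sh, the function names and the 60-second window are assumptions for illustration.

```bash
#!/bin/bash
# Added example, not from the original tutorial. Function names, the port
# list and the 60-second confirmation window are assumptions.

# Print the Step 4 ruleset in iptables-restore format for the given TCP ports.
build_ruleset() {
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    local port
    for port in "$@"; do
        # Reject empty, non-numeric or over-long values before range checking.
        case "$port" in ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;; esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "bad port: $port" >&2; return 1
        fi
        echo "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    echo "COMMIT"
}

# Apply the ruleset in one step; restore the previous rules unless confirmed.
apply_with_rollback() {
    local backup new
    backup=$(mktemp) && new=$(mktemp) || return 1
    build_ruleset "$@" > "$new" || return 1
    iptables-save > "$backup" || return 1          # snapshot of current rules
    iptables-restore --test < "$new" || return 1   # parse check, no changes
    iptables-restore < "$new" || return 1          # replace the filter table
    echo "Rules applied. Open a NEW SSH session, then type 'yes' within 60s."
    local answer=""
    read -r -t 60 answer
    if [ "$answer" = "yes" ]; then
        service iptables save                      # persist, as in Step 5
    else
        iptables-restore < "$backup"
        echo "Not confirmed: previous rules restored." >&2
        return 1
    fi
}

# Run only when invoked as: sudo ./safe-apply.sh apply 22 80 443
if [ "${1:-}" = "apply" ]; then
    shift
    apply_with_rollback "$@"
fi
```

Nothing is written to /etc/sysconfig/iptables until the confirmation succeeds, so a reboot also returns the server to the last saved ruleset.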

Step 7: Verify Configuration

Verify your iptables configuration:

sudo iptables -L -v

This guide should help you set up and manage iptables on AlmaLinux 9. Adjust the rules as per your specific requirements.