Debian: set up firewall - how it works

For security, you should use a firewall on Debian. Find out how this works in this practical tip.

Setting up a firewall in Debian - how it works

1. Log in to Debian as administrator and open the terminal.
2. Enter the command "nano /etc/iptables.firewall.rules" to activate the firewall.

Insert commands and rules

This file is still empty. Add the following commands and rules to the file:

• *filter
• -A INPUT -i lo -j ACCEPT
• -A INPUT -d 127.0.0.0/8 -j REJECT
• -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT
• -A INPUT -p tcp --dport 80 -j ACCEPT
• -A INPUT -p tcp --dport 443 -j ACCEPT
• -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
• -A INPUT -p icmp -j ACCEPT
• -A INPUT -m limit --limit 5 / min -j LOG --log-prefix "iptables denied:" --log-level 7
• -A OUTPUT -j ACCEPT
• -A INPUT -j DROP
• -A FORWARD -j DROP
• COMMIT
• Save the changes with [Ctrl] + [O] and exit the nano editor with [Ctrl] + [X].

Further steps: Set up firewall under Debian

1. If you have saved the changes, you must import them with "iptables-restore </etc/iptables.firewall.rules".
2. To activate the controls automatically, enter the command "nano /etc/network/if-pre-up.d/firewall".
3. Here's what you need to add to make it work:
4. #! / Bin / sh
5. / sbin / iptables-restore </etc/iptables.firewall.rules
6. With "chmod + x /etc/network/if-pre-up.d/firewall" you make the file executable and the firewall is set up.

In our next practical tip, we will show you how to update the kernel under Debian Linux.