Debian: set up firewall - how it works
For security, you should use a firewall on Debian. Find out how this works in this practical tip.
Setting up a firewall in Debian - how it works
- Log in to Debian as administrator and open the terminal.
- Enter the command "nano /etc/iptables.firewall.rules" to activate the firewall.
Insert commands and rules
This file is still empty. Add the following commands and rules to the file:
- *filter
- -A INPUT -i lo -j ACCEPT
- -A INPUT -d 127.0.0.0/8 -j REJECT
- -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT
- -A INPUT -p tcp --dport 80 -j ACCEPT
- -A INPUT -p tcp --dport 443 -j ACCEPT
- -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
- -A INPUT -p icmp -j ACCEPT
- -A INPUT -m limit --limit 5 / min -j LOG --log-prefix "iptables denied:" --log-level 7
- -A OUTPUT -j ACCEPT
- -A INPUT -j DROP
- -A FORWARD -j DROP
- COMMIT
- Save the changes with [Ctrl] + [O] and exit the nano editor with [Ctrl] + [X].
Further steps: Set up firewall under Debian
- If you have saved the changes, you must import them with "iptables-restore </etc/iptables.firewall.rules".
- To activate the controls automatically, enter the command "nano /etc/network/if-pre-up.d/firewall".
- Here's what you need to add to make it work:
- #! / Bin / sh
- / sbin / iptables-restore </etc/iptables.firewall.rules
- With "chmod + x /etc/network/if-pre-up.d/firewall" you make the file executable and the firewall is set up.
In our next practical tip, we will show you how to update the kernel under Debian Linux.