
Security firewalls are one of the most important tools for securing Linux systems. The two commonly used firewall management systems on Linux are iptables and firewalld. In this article, I will explain how to configure firewalls using iptables and firewalld in detail.
1. What is a Firewall and Why is it Important?
A firewall is a system that blocks unauthorized network access. On Linux servers, you can allow or block specific connections.
For example: You can configure a server to accept only SSH (22) and HTTP (80) connections and block all other requests.
There are two main tools for managing firewalls on Linux:
- iptables: An older but powerful firewall manager.
- firewalld: Built on top of iptables, offering a more modern and user-friendly management system.
2. Using iptables
iptables is a powerful firewall tool used to filter network packets.
Basic iptables Commands
| Action | Command |
|---|---|
| List current rules | `sudo iptables -L -v -n` |
| Flush all rules | `sudo iptables -F` |
| Allow a specific port (SSH, 22) | `sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT` |
| Block a specific port (23) | `sudo iptables -A INPUT -p tcp --dport 23 -j DROP` |
| Drop all incoming connections by default (chain policy) | `sudo iptables -P INPUT DROP` |
Example: Allow SSH and HTTP, Block All Other Connections
```sh
sudo iptables -F
# Keep loopback traffic and replies to connections the server opened itself;
# without these two rules the DROP policy below also cuts off DNS replies,
# package updates and similar outbound traffic.
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -P INPUT DROP
sudo iptables -P FORWARD DROP
sudo iptables -P OUTPUT ACCEPT
```
This set of commands allows SSH (22), HTTP (80), and HTTPS (443) and blocks all other connections.
To make rules persistent (the redirect must also run as root, otherwise the shell cannot write to /etc/iptables):
```sh
# /etc/iptables/rules.v4 is the file the iptables-persistent package loads at boot on Debian/Ubuntu
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
```
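The sequence above applies rules one `-A` at a time, so there is a short window in which only part of the policy is loaded. The following added example (not from the article) builds the same "allow these TCP ports, drop everything else" policy as a single iptables-restore file, validates it, and swaps the whole table in one step; it generalises the 22/80/443 case to any list of ports. It assumes `iptables-restore` is installed and that the port of your own SSH session is in the list.

```shell
# build_ruleset PORT [PORT ...]: print an iptables-restore ruleset to stdout.
# Rejects anything that is not an integer in 1..65535 before printing.
build_ruleset() {
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "invalid port: $port" >&2; return 1
        fi
    done
    # Same policy as the article: DROP by default, loopback and replies allowed.
    printf '%s\n' '*filter' \
        ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate INVALID -j DROP'
    for port in "$@"; do
        printf '%s%s%s\n' '-A INPUT -p tcp --dport ' "$port" \
            ' -m conntrack --ctstate NEW -j ACCEPT'
    done
    printf '%s\n' 'COMMIT'
}

# apply_ruleset PORT [PORT ...]: parse the ruleset with --test first (no change
# to the kernel tables), then load it atomically. Must run as root.
apply_ruleset() {
    tmp=$(mktemp) || return 1
    if build_ruleset "$@" > "$tmp" && iptables-restore --test "$tmp"; then
        iptables-restore "$tmp"; rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}
```

`build_ruleset 22 80 443` alone lets you review the generated rules before `apply_ruleset 22 80 443` loads them.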
3. Using firewalld
firewalld is a more flexible and user-friendly firewall management system compared to iptables.
Starting and Checking Firewalld
```sh
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --state
```
Basic firewalld Commands
| Action | Command |
|---|---|
| List active zones | `sudo firewall-cmd --get-active-zones` |
| Allow a service (SSH, port 22) | `sudo firewall-cmd --permanent --add-service=ssh` |
| Remove a service (HTTP, port 80) | `sudo firewall-cmd --permanent --remove-service=http` |
| List current rules of the default zone | `sudo firewall-cmd --list-all` |
| Reload firewalld (applies --permanent changes) | `sudo firewall-cmd --reload` |
Example: Allow SSH, HTTP, and HTTPS, Block All Other Connections
```sh
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
```
In firewalld, rules added with the --permanent flag are saved to the persistent configuration and take effect after --reload.
4. Basic Security Scenarios
Here are a few examples of commonly used firewall rules in Linux systems:
1️⃣ Allow SSH (22) Port for Specific IPs
If you want only a specific IP to have SSH access, use:
With iptables:
```sh
sudo iptables -A INPUT -p tcp --dport 22 -s 192.168.1.100 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j DROP
```
With firewalld:
```sh
# The default zone usually already contains the ssh service; remove it so that
# only the rich rule below grants access, then reload to apply both changes.
sudo firewall-cmd --permanent --remove-service=ssh
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" service name="ssh" accept'
sudo firewall-cmd --reload
```
2️⃣ Block All Incoming Traffic, Allow Only Specific Ports
With iptables:
```sh
# Add the ACCEPT rules before changing the policy; setting INPUT to DROP first
# would cut the SSH session you are working in.
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -P INPUT DROP
```
With firewalld:
```sh
# There is no "all" service to remove: drop every service currently enabled in
# the default zone, then add back only the ones you want.
for svc in $(sudo firewall-cmd --permanent --list-services); do
    sudo firewall-cmd --permanent --remove-service="$svc"
done
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --reload
```
5. Persistent Rules and Automatic Loading
To make iptables rules persistent (run the redirect as root so the file under /etc/iptables can be written; the iptables-persistent package loads it at boot on Debian/Ubuntu):
```sh
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
```
In firewalld, changes made with --permanent are persistent, but the firewalld service must be enabled so that they are loaded at boot:
```sh
sudo systemctl enable firewalld
```
6. Summary
To enhance security on Linux, managing incoming and outgoing traffic with iptables or firewalld is a critical step.
- ✔ Close unnecessary ports.
- ✔ Allow only specific IP addresses.
- ✔ Regularly review firewall rules.
- ✔ Update security policies regularly.
By using these methods, you can make your Linux server more secure!