How to install and configure FIREWALL/IPTABLES on Ubuntu (Server) 14.04 LTS Step-by-Step

In this post we will learn how to save iptables rules permanently on Ubuntu, using the package called iptables-persistent.

Step 1 – Update repositories.

root@mail:/# apt-get update
root@mail:/# apt-get upgrade

Step 2 – Install iptables-persistent

root@mail:/# apt-get install iptables-persistent

Step 3 – During installation, a screen appears for selecting IPv4.

Step 4 – The next screen is for selecting IPv6 (if you do not want to install for IPv6, select No).

Step 5 – Set a static IP address. Open the network config file with the command nano /etc/network/interfaces and replace the current content for eth0 with this:

auto eth0
iface eth0 inet static
   address 192.168.0.1
   netmask 255.255.255.0
   network 192.168.0.0
   gateway 192.168.0.254
   dns-nameservers 8.8.8.8

Step 6 – Make the iptables rules permanent. Open the network config file with nano /etc/network/interfaces and add the following line at the end. This is for IP version 4; if you want, you can add IP version 6 as well.

pre-up iptables-restore < /etc/iptables/rules.v4

Step 7 – If you want to block an IP address, execute the following command.

root@mail:/# iptables -I INPUT 1 -s 192.168.1.111/32 -j DROP

Step 8 – If you want to block an IP address range, execute the following command.

root@mail:/# iptables -I INPUT 1 -s 192.168.0.0/16 -j DROP

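Step 9 – If you want to block an IP address range but allow access from one IP address in that range, execute the following commands. iptables evaluates the rules of a chain from top to bottom and stops at the first match, so the ACCEPT rule has to sit above the DROP rule.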

root@mail:/# iptables -I INPUT 1 -s 192.168.1.15/32 -j ACCEPT
root@mail:/# iptables -I INPUT 2 -s 192.168.0.0/16 -j DROP

Step 10 – Save iptables

root@mail:/# iptables-save > /etc/iptables/rules.v4

Step 11 – Show iptables

root@mail:/# iptables -L -n --line-numbers
Chain INPUT (policy ACCEPT)
     target     prot opt source               destination
1    ACCEPT     all  --  192.168.1.15         0.0.0.0/0
2    DROP       all  --  192.168.0.0/16       0.0.0.0/0
3    DROP       all  --  192.168.0.0/16       0.0.0.0/0
4    DROP       all  --  192.168.1.111        0.0.0.0/0

Step 12 – Delete an IP address from iptables. You need the rule's line number from the listing in Step 11. For example, I will remove 192.168.1.111:

root@mail:/# iptables -D INPUT 4

Step 13 – Save iptables again.

root@mail:/# iptables-save > /etc/iptables/rules.v4
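
The checks below are an added example, not part of the original post: before saving, they look up rule numbers instead of hard-coding them (Step 12), find exact duplicates such as the two 192.168.0.0/16 DROP rules in the Step 11 listing, and confirm the ACCEPT from Step 9 sits above the range DROP. The function names are hypothetical and the sample listing is constructed from the Step 11 output.

```shell
#!/bin/sh
# Constructed sample: the INPUT chain from Step 11, in the format printed by
# `iptables -L INPUT -n --line-numbers`.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  192.168.1.15         0.0.0.0/0
2    DROP       all  --  192.168.0.0/16       0.0.0.0/0
3    DROP       all  --  192.168.0.0/16       0.0.0.0/0
4    DROP       all  --  192.168.1.111        0.0.0.0/0
EOF
}

# rule_numbers TARGET SOURCE < listing
# Print matching rule numbers, highest first, so that deleting them in that
# order never renumbers a rule that is still waiting to be deleted.
rule_numbers() {
    awk -v t="$1" -v s="$2" \
        '$1 ~ /^[0-9]+$/ && $2 == t && $5 == s { print $1 }' | sort -rn
}

# duplicate_rules < listing
# Print numbers of rules that repeat an earlier rule exactly (highest first).
duplicate_rules() {
    awk '$1 ~ /^[0-9]+$/ { k = $0; sub(/^[0-9]+ +/, "", k)
                           if (seen[k]++) print $1 }' | sort -rn
}

# accept_precedes_drop HOST RANGE < listing
# Exit 0 only if the ACCEPT for HOST sits above the first DROP for RANGE.
accept_precedes_drop() {
    awk -v h="$1" -v r="$2" '
        $1 ~ /^[0-9]+$/ && $2 == "ACCEPT" && $5 == h && !a { a = $1 + 0 }
        $1 ~ /^[0-9]+$/ && $2 == "DROP"   && $5 == r && !d { d = $1 + 0 }
        END { exit !(a && (!d || a < d)) }'
}

# Dry run on the sample: print the delete commands instead of running them.
# On a real host, replace sample_listing with the iptables listing command.
for n in $(sample_listing | duplicate_rules); do
    echo "iptables -D INPUT $n"
done
sample_listing | accept_precedes_drop 192.168.1.15 192.168.0.0/16 \
    && echo "allow rule is evaluated before the range block"
```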
