
A Comprehensive Guide to Simple IPTables Scripts

IPTables is a powerful firewall tool in Linux systems that allows you to control incoming and outgoing network traffic. It provides a flexible and customizable way to secure your system from potential security threats. In this article, we will provide a comprehensive guide to creating simple IPTables scripts to enhance your firewall security.

Understanding IPTables

Before diving into creating IPTables scripts, it is important to understand how IPTables works. IPTables operates by matching network packets against a set of rules and determining what to do with each packet based on those rules. Each rule specifies the action to be taken (accept, drop, reject, etc.), the protocol to match (TCP, UDP, etc.), and the source and destination addresses to match.

Setting up IPTables

To set up IPTables, you will need root privileges on your Linux system.

Step 1 : Create a folder named firewall and a file named whitelist.txt

mkdir /usr/src/firewall
touch /usr/src/firewall/whitelist.txt

Step 2 : Entering the list of allowed IPs
Edit the whitelist.txt file and add the IPs to be allowed, one per line:

vi /usr/src/firewall/whitelist.txt
1.1.1.1
2.2.2.2
3.3.3.3
Save and exit.

Step 3 : Locate the iptables path

Type the commands below:
which iptables
which iptables-save
They will print something like the following:

/sbin/iptables
/sbin/iptables-save
Copy the output; these paths are substituted into the bash script in the next step.

Step 4 : Iptables bash script
Create a new file named firewall.sh and paste the script below into it, replacing the iptables paths with the ones found in step 3.

vi /usr/src/firewall/firewall.sh

Copy and paste the script below:

#!/bin/bash
# allowed ip file location
WHITELIST=/usr/src/firewall/whitelist.txt
#
## Specify where iptables is located (use the output of "which" from step 3)
#
IPTABLES=/sbin/iptables
IPTABLES_SAVE=/sbin/iptables-save
#
## Save current iptables running configuration in case we want to revert back
##  To restore using our example we would run "/sbin/iptables-restore < /usr/src/iptables.last"
#
$IPTABLES_SAVE > /usr/src/iptables.last
#
## Clear current rules
#
## If the current INPUT policy is set to DROP we will be locked out once we flush the rules,
## so we must first ensure it is set to ACCEPT.
#
$IPTABLES -P INPUT ACCEPT
echo 'Setting default INPUT policy to ACCEPT'
$IPTABLES -F          # flush all rules in the filter table
echo 'Clearing Tables F'
$IPTABLES -X          # delete user-defined chains
echo 'Clearing Tables X'
$IPTABLES -Z          # zero the packet and byte counters
echo 'Clearing Tables Z'
# Always allow localhost.
echo 'Allowing Localhost'
$IPTABLES -A INPUT -s 127.0.0.1 -j ACCEPT
# Allow replies to connections this host initiated
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow SSH from anywhere (remove or comment out to restrict SSH to the whitelist)
$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT
#
## Whitelist: one IP per line, lines starting with # are ignored
#
for x in $(grep -v '^#' "$WHITELIST" | awk '{print $1}'); do
    echo "Permitting $x..."
    $IPTABLES -A INPUT -s "$x" -j ACCEPT
done
# block all other traffic
$IPTABLES -P INPUT DROP
$IPTABLES -P FORWARD DROP
$IPTABLES -P OUTPUT ACCEPT

Save the rules so they are persistent on reboot. On its own, iptables-save only prints the running rules to standard output, so redirect it to a file (the restore section below reads from /etc/iptables.rules); step 8 covers re-applying the rules at boot.

/sbin/iptables-save > /etc/iptables.rules

Note: replace the lines below based on the output of step 3

IPTABLES=/sbin/iptables
IPTABLES_SAVE=/sbin/iptables-save

The line below allows SSH (port 22) from all IPs; if you do not want this, comment out or remove that line.

$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT

Step 5 : Make firewall.sh executable
Run the command below to add execute permission to firewall.sh (its owner already has read and write permission on the file):

chmod +x /usr/src/firewall/firewall.sh

Step 6 : Running the script
Type the full path of the file as shown below:

/usr/src/firewall/firewall.sh

Step 7 : Check the iptables rules

Run the iptables command below to list the active rules:

iptables -L -n

Step 8 : Persist the rules after reboot
After a reboot the iptables rules may be flushed. To avoid that, either add firewall.sh to a start-up script such as /etc/rc.d/rc.local, or run the file from a cron job that fires on reboot:

crontab -e
@reboot /usr/src/firewall/firewall.sh
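The whitelist loop in the script above hands every line of whitelist.txt straight to iptables, so a typo or a stray character in that file produces an iptables error while the script carries on and still sets the DROP policy, leaving that host locked out. The following is an added example, not the article's script, that validates each entry as an IPv4 address or CIDR block and can print the resulting rules for review before applying them; it assumes the article's paths, and DRY_RUN is a hypothetical switch introduced here.

```shell
#!/bin/sh
# Added example, not the article's script: validate whitelist entries before they
# reach iptables and print the generated rules for review (DRY_RUN is hypothetical).
set -u -f                      # -f: whitelist text is data, never a glob pattern
IPTABLES=${IPTABLES:-/sbin/iptables}

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4_cidr() {
    case "$1" in
        */*) ip=${1%%/*}; prefix=${1#*/} ;;
        *)   ip=$1;       prefix=32 ;;
    esac
    case "$prefix" in ''|*[!0-9]*|0[0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] 2>/dev/null || return 1
    case "$ip" in ''|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do                 # digits only, no leading zeros, <= 255
        case "$octet" in ''|*[!0-9]*|0[0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Print one "-A INPUT -s <entry> -j ACCEPT" line per whitelist entry (blank lines and
# comments skipped). A malformed entry is reported on stderr and the function returns 1.
whitelist_rules() {
    file=$1; status=0
    while IFS= read -r line || [ -n "$line" ]; do
        set -- ${line%%#*}                # strip comments, keep the first field
        [ $# -gt 0 ] || continue
        if valid_ipv4_cidr "$1"; then
            printf '%s\n' "-A INPUT -s $1 -j ACCEPT"
        else
            printf 'invalid whitelist entry: %s\n' "$1" >&2; status=1
        fi
    done < "$file"
    return "$status"
}

# Apply the generated rules, or only echo the commands when DRY_RUN=1.
apply_whitelist() {
    rules=$(whitelist_rules "$1") || { echo 'refusing to apply: fix the whitelist first' >&2; return 1; }
    while IFS= read -r rule; do
        [ -n "$rule" ] || continue
        if [ "${DRY_RUN:-0}" = 1 ]; then echo "$IPTABLES $rule"; else $IPTABLES $rule || return 1; fi
    done <<EOF
$rules
EOF
}
```

Run `DRY_RUN=1 apply_whitelist /usr/src/firewall/whitelist.txt` after sourcing the file to see the exact commands that would be issued; the function refuses to apply anything if a single entry fails validation.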

Restoring IPTables Rules

To restore IPTables rules, you can use the iptables-restore command. It reads rules in iptables-save format from a file and applies them to IPTables; the script above writes such a snapshot to /usr/src/iptables.last before it changes anything, so that file can be restored the same way.

iptables-restore < /etc/iptables.rules

Conclusion

IPTables is a powerful tool for controlling network traffic in Linux systems. By creating simple IPTables scripts, you can enhance your firewall security and protect your system from potential security threats. Whether you need to allow incoming traffic for specific services or drop incoming traffic from certain sources, IPTables provides a flexible and customizable way to control network traffic in your system.
