Install Iptables on Ubuntu 24.04.1 LTS

If you’re looking to install iptables and remove UFW (Uncomplicated Firewall) on Ubuntu 24.04.1 LTS, you’re in the right place. Whether you need advanced firewall configuration or simply want to switch from UFW to iptables for greater control, this guide will walk you through the entire process.

What is iptables?

iptables is a powerful tool built into most Linux distributions that allows you to configure and manage firewall rules at a granular level. It is widely used to control incoming and outgoing network traffic based on IP addresses, ports, and protocols. iptables is ideal for users who need robust, customized firewall setups with a high degree of control over network traffic.

Installing iptables on Ubuntu 24.04.1 LTS

Before you can start using iptables, you’ll need to install it. Fortunately, the installation process is straightforward.

Step 1: Update Your Package Lists

Start by updating your package repositories to ensure you get the latest version of iptables:

sudo apt update

Step 2: Install iptables

Now install iptables together with iptables-persistent. The iptables-persistent package ensures that your saved rules are automatically loaded at boot:

sudo apt install iptables
sudo apt install iptables-persistent

This will install iptables along with any necessary dependencies.

Step 3: Verify the Installation

Once the installation is complete, verify that iptables was installed correctly by checking its version:

sudo iptables --version

This command will display the installed version of iptables, confirming that it’s ready for use.

Removing UFW from Ubuntu 24.04.1 LTS

If you no longer need UFW and prefer to manage your firewall entirely through iptables, here’s how to remove UFW from your system.

Step 1: Disable UFW

Before removing UFW, you should disable it to stop any active firewall rules from interfering with the process. Run the following command:

sudo ufw disable

Step 2: Uninstall UFW

Next, uninstall UFW and remove its configuration files:

sudo apt remove --purge ufw

To remove any residual packages that are no longer needed, run:

sudo apt autoremove

This will clean up unnecessary packages and dependencies.

Configuring iptables for Basic Firewall Protection

After installing iptables, configure it for secure operation by following the steps below. These commands create a baseline setup that allows essential traffic, such as SSH and ping requests, while dropping all other incoming connections.

Step 1: Insert the Basic Configuration Commands

Run the following commands to set up your iptables rules:

# Set the INPUT policy to ACCEPT first, so that flushing the rules
# below does not cut off an existing SSH session
sudo iptables -P INPUT ACCEPT

# Flush (remove) all existing rules
sudo iptables -F

# Delete any custom chains
sudo iptables -X

# Allow loopback traffic
sudo iptables -A INPUT -i lo -j ACCEPT

# Allow incoming traffic for established and related connections
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow new SSH connections from any source (0.0.0.0/0)
sudo iptables -A INPUT -s 0.0.0.0/0 -p tcp -m tcp --dport 22 -m state --state NEW -m comment --comment "SSH" -j ACCEPT

# Allow ping requests (ICMP echo)
sudo iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT

# Set default policies: drop everything inbound that was not allowed above
sudo iptables -P INPUT DROP
sudo iptables -P FORWARD DROP
sudo iptables -P OUTPUT ACCEPT

Step 2: Verify the Rules

After adding the rules, check the current iptables configuration:

sudo iptables -L -v

This command will display the list of rules currently in place, their targets (ACCEPT, DROP), and which interfaces or IP addresses they apply to.

Making iptables Rules Persistent – Saving iptables Rules

By default, iptables rules are not persistent and will be lost after a system reboot. To ensure your configuration survives restarts, you need to save the rules and set up iptables to reload them automatically.

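Use the iptables-save command to save the current configuration to a file. The output redirection has to run as root too, so the whole command is wrapped in sudo sh -c:

sudo sh -c 'iptables-save > /etc/iptables/rules.v4'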
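
The saved file is what the host boots with, so it is worth checking that it really contains the baseline from this guide before you reboot. The script below is an added example, not part of the original guide: the function name audit_rules_v4, its checks and the sample ruleset are constructed here, and the patterns assume iptables-save output for the IPv4 filter table.

```sh
#!/bin/sh
# Added example (not from the original guide): audit a ruleset in
# iptables-save format against the baseline configured above.

# Constructed sample of what rules.v4 could contain after the steps above.
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m comment --comment SSH -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
COMMIT
EOF
}

# Reads a ruleset on stdin, prints one line per check,
# returns 0 if every check passes and 1 otherwise.
audit_rules_v4() {
    # Keep only the filter table: lines between "*filter" and "COMMIT".
    filter=$(awk '/^\*filter/{f=1; next} /^COMMIT/{f=0} f')
    rc=0
    check() {   # usage: check DESCRIPTION EXTENDED_REGEX
        if printf '%s\n' "$filter" | grep -Eq -- "$2"; then
            echo "ok    $1"
        else
            echo "FAIL  $1"
            rc=1
        fi
    }
    check "INPUT policy is DROP"    '^:INPUT DROP '
    check "FORWARD policy is DROP"  '^:FORWARD DROP '
    check "loopback accepted"       '^-A INPUT -i lo -j ACCEPT$'
    check "established/related accepted" \
        '^-A INPUT .*--(ct)?state (RELATED,ESTABLISHED|ESTABLISHED,RELATED) .*-j ACCEPT'
    # With INPUT DROP, a missing SSH rule means losing remote access at boot.
    check "SSH (tcp/22) accepted"   '^-A INPUT .*-p tcp .*--dport 22 .*-j ACCEPT'
    check "ICMP echo-request accepted" \
        '^-A INPUT .*-p icmp .*--icmp-type (8|echo-request) .*-j ACCEPT'
    return "$rc"
}

# Demo on the constructed sample. On a real host, as root:
#   audit_rules_v4 < /etc/iptables/rules.v4
sample_rules | audit_rules_v4
```

A non-zero exit status means at least one baseline rule or policy is missing from the file, so fix the live rules and save again before rebooting.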

Conclusion

You’ve successfully installed iptables, removed UFW, and configured your firewall on Ubuntu 24.04.1 LTS. By making the switch to iptables, you now have full control over your firewall configuration, enabling you to fine-tune network security based on your needs.

If you found this guide useful, feel free to share it with others who may need it. Stay secure and in control of your network!

arstech