One of the most important tasks for a Linux system administrator is to control access to the network services. At times, it may be better to block all incoming traffic on the server and only allow required services to connect.
As we will be using iptables here as well, no extra packages are needed to perform these steps. We just need a user account with super user access. However, this account should preferably not be a root account.
We will configure iptables to deny everything except traffic that was initiated from inside our system (for example, web traffic requested by a browser, or a download that was started earlier to update a package or other software):
- As in the previous examples, our first rule in iptables will allow traffic on the loopback interface (localhost). Run the following command to do this:
iptables -A INPUT -i lo -j ACCEPT
- Our next rule will be for accepting all traffic related to outbound connections...
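
Once the rules are loaded, their effect can be checked from a saved dump of the ruleset. The following script is an added example, not code from the original text: it audits iptables-save output for the posture described above (loopback accepted, return traffic for outbound connections accepted, everything else denied). The function name audit_input and both sample rulesets are constructed for illustration, and the conntrack form of the return-traffic rule is an assumption about how that rule is written.

```shell
#!/bin/sh
# Added example: audit `iptables-save` output for the default-deny INPUT
# posture. Both rulesets below are constructed samples, not from the page.

GOOD_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT'

# Loopback is allowed, but nothing is ever denied and return traffic
# is not matched.
BAD_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

# audit_input: read iptables-save text on stdin, print one line per finding,
# exit 0 only if the filter table's INPUT chain is default-deny and still
# accepts loopback and established/related traffic.
audit_input() {
    awk '
        /^\*/ { table = $1 }                 # remember which table we are in
        table != "*filter" { next }
        /^:INPUT / { policy = $2 }
        /^-A INPUT / {
            last = $0
            if ($0 ~ / -i lo / && $0 ~ / -j ACCEPT/) lo = 1
            if ($0 ~ /ESTABLISHED/ && $0 ~ / -j ACCEPT/) est = 1
        }
        END {
            # Deny-all may be the chain policy or a final catch-all rule.
            deny = ((policy == "DROP") || (last ~ /^-A INPUT -j (DROP|REJECT)/))
            if (!deny) { print "FAIL: INPUT does not deny by default (policy " policy ")"; bad++ }
            if (!lo)   { print "FAIL: no loopback ACCEPT rule"; bad++ }
            if (!est)  { print "FAIL: no ESTABLISHED/RELATED ACCEPT rule"; bad++ }
            if (!bad)  print "OK: INPUT is default-deny"
            exit (bad > 0)
        }'
}

printf '%s\n' "$GOOD_RULES" | audit_input
printf '%s\n' "$BAD_RULES"  | audit_input || true
```

On a live host the same function can read the running ruleset with iptables-save piped into audit_input, run with super user access.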