[lotuseclat79]

Iptables is a firewall, installed by default on all official Ubuntu distributions (Ubuntu, Kubuntu, Xubuntu). When you install Ubuntu, iptables is there, but it allows all traffic by default.

There is a wealth of information available about iptables, but much of it is fairly complex, and if you want to do a few basic things, this How To is for you.

The HowTo covers the folllowing topics:
Contents
1. Basic iptables howto
2. Basic Commands
3. Basic Iptables Options
4. Allowing Established Sessions
5. Allowing Incoming Traffic on Specific Ports
6. Blocking Traffic
7. Editing iptables
8. Logging
9. Saving iptables
10. Configuration on startup
11. Configuration on Startup for NetworkManager
12. Tips
1. If you manually edit iptables on a regular basis
2. Using iptables-save/restore to test rules
3. More detailed Logging
4. Disabling the firewall
13. Easy configuration via GUI (Firestarter related)
14. Further Information
15. Credits

Also, here is another great Ubuntu beginners iptables setup for beginners:
HOWTO: Set a custom firewall (iptables) and Tips [Beginners edition].

-- Tom

[lotuseclat79]

Note: In the second link in post #1, i.e. HOWTO: Set a custom firewall (iptables) and Tips [Beginners edition], there are 20 web pages of comments (192 posts) in reply to that HowTo.

It has been a while since I implemented it on my computer, and the script has been corrected as of January 31, 2008, so, I you, like me, have implemented it before that date, then it is time to update your script.

At the bottom of the HowTo instructions, there is some information on installing nmap and nmapfe. I strongly urge anyone implementing this script to test it out using nmapfe and specify the scan to check all of the ports, as I did.

Further, there are entries in the script to allow amule and bittorent - I have those statements in the script commented out with a '#' character as the first character of those lines, since I do not use either amule or bittorent.

Lastly, if you have learned about iptables and how to minimally protect your Ubuntu (or other Linux distribution with this iptables firewall), and you need to install more advanced rules and learn more about using iptables, then there is a link at the top of the HowTo webpage that links to another more advanced HowTo by the same author. Check it out and the comments on the webpages that follow it (2 webpages, 13 comments at last count).

One further note: If you use dial-up 56k connection to the Internet through an ISP, you need to change the references to eth0 (ethernet) to ppp0 for the dial-up protocol interface on all statements with eth0 for all instances.

-- Tom