Lock It Down: Creating a Basic Firewall with Iptables on Ubuntu
6 February 2026 · bpd · ubuntu
Control What Comes In and What Goes Out
A firewall is your computer’s first line of defense against unwanted network traffic. In ‘Ubuntu System Administration Guide’, you’ll learn how to use the powerful, built-in `iptables` tool to create rules that protect your machine. Think of it as a bouncer for your network ports, deciding what traffic is allowed.
Two Essential Firewall Profiles
The book suggests creating two simple firewall scripts for different situations:
- Lock-Down Profile: This is a highly restrictive set of rules, perfect for when you’re on an untrusted public network. It blocks all incoming connections and only allows essential outgoing traffic, like for web browsing (ports 80 and 443) and DNS (port 53).
- Trusted Profile: This profile is slightly more relaxed, designed for your home or office network. It still blocks all unsolicited incoming traffic but allows all outgoing connections, making it easy to connect to local devices like printers and file shares.
By creating these simple bash scripts, you can switch between security profiles with a single command, adapting your computer’s defenses to your environment.
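The two profiles above, as an added example (not code from the book or from this post): the script prints either ruleset in `iptables-restore` format so it can be inspected before it is loaded. The names `fw-profile.sh` and `profile_rules`, the `FORWARD DROP` policy, and the loopback and connection-tracking rules are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: emits either profile in iptables-restore format (IPv4 filter table).
# The script name fw-profile.sh and the function name profile_rules are hypothetical.
#   ./fw-profile.sh lockdown | sudo iptables-restore
#   ./fw-profile.sh trusted  | sudo iptables-restore

profile_rules() {
  case "$1" in
    lockdown) out_policy=DROP ;;    # outgoing traffic must match an explicit rule
    trusted)  out_policy=ACCEPT ;;  # all outgoing connections are allowed
    *) echo "usage: fw-profile.sh {lockdown|trusted}" >&2; return 1 ;;
  esac

  # Both profiles: drop unsolicited incoming traffic, keep loopback working,
  # and let replies to connections this machine opened back in.
  # FORWARD DROP assumes the machine does not route traffic for others.
  cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT $out_policy [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF

  if [ "$1" = "lockdown" ]; then
    # Lock-down only: loopback, packets of already-allowed flows,
    # DNS (port 53 over UDP and TCP) and web browsing (ports 80 and 443).
    cat <<EOF
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
EOF
  fi

  echo "COMMIT"
}

# Print the ruleset only when a profile name is given on the command line.
if [ "$#" -gt 0 ]; then
  profile_rules "$1"
fi
```

`iptables-restore` replaces the whole IPv4 filter table in one step, and `iptables-restore --test` parses a ruleset without committing it. IPv6 is filtered separately by `ip6tables`, so these rules do not cover it.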
This post is based on content from the book Ubuntu System Administration Guide. The book can be found here: https://www.amazon.com/stores/Mattias-Hemmingsson/author/B0FF5CQX13