Turn Your Ubuntu Server into a Powerful Firewall with Iptables
Control Your Network’s Traffic with Precision
Did you know you can use an Ubuntu server as a robust and highly configurable firewall? The ‘Ubuntu System Administration Guide’ explains how to leverage the built-in `iptables` tool to manage all the traffic coming in and out of your network. This turns your server into a gatekeeper, protecting your internal network from the public internet.
The Two-Network Setup
To function as a firewall, your server needs at least two network interfaces: one connected to the public internet (your external network) and one connected to your private, internal network. The core task is to forward traffic securely between these two networks.
Enabling Packet Forwarding
The first step is to tell the Linux kernel that it’s allowed to forward network packets between interfaces. This is done with a simple command:
echo "1" > /proc/sys/net/ipv4/ip_forward
Once this is enabled, you can start building `iptables` rules to define exactly what traffic is allowed to pass, giving you complete control over your network’s security.
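One way to express such a forwarding policy, as an added example that is not from the original post or the book: `gen_rules` prints a default-deny ruleset in `iptables-restore` format for an external and an internal interface. The function names, the interface names you pass in, the SSH-from-inside rule and the masquerading rule are assumptions.

```shell
#!/bin/sh
# Added example: emit a minimal two-interface firewall ruleset in
# iptables-restore format. It only prints text; it changes nothing itself.

# valid_if NAME: accept only plausible Linux interface names (1-15 chars of
# letters, digits, '.', '_', '-') so nothing else can reach the ruleset.
valid_if() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# gen_rules WAN_IF LAN_IF: WAN_IF faces the internet, LAN_IF the internal
# network. Loading the output replaces the current filter and nat tables.
gen_rules() {
    wan=$1 lan=$2
    valid_if "$wan" && valid_if "$lan" || { echo "bad interface name" >&2; return 1; }
    [ "$wan" != "$lan" ] || { echo "need two different interfaces" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Assumption: the firewall is administered over SSH from the inside only.
-A INPUT -i $lan -p tcp --dport 22 -j ACCEPT
# Replies to connections that were already allowed may pass in both directions.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# New connections may only start on the internal side.
-A FORWARD -i $lan -o $wan -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Assumption: the internal network uses private addresses and needs NAT.
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
EOF
}

# Run as: sh script.sh WAN_IF LAN_IF
if [ "$#" -eq 2 ]; then gen_rules "$1" "$2"; fi
```

Pipe the output through `iptables-restore --test` to check that it parses, then load it as root without `--test`. The `echo` into `/proc` above lasts only until reboot; `net.ipv4.ip_forward=1` in `/etc/sysctl.conf` keeps it set.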
This post is based on content from the book Ubuntu System Administration Guide. The book can be found here: https://www.amazon.com/stores/Mattias-Hemmingsson/author/B0FF5CQX13