SecurityJuly 04, 20269 min
How to Configure Firewall on Linux (iptables and nftables)
Firewall is the first line of defense for a Linux server. Configuring proper rules allows only legitimate traffic and blocks unauthorized access attempts.
iptables vs nftables
iptables is Linux's traditional firewall, widely supported. nftables is the successor with cleaner syntax and better performance. Both are valid — the choice depends on distribution and team preference. Modern distributions (RHEL 8+, Debian 10+) use nftables by default. Ubuntu still uses iptables with nftables backend.
Basic iptables rules
nftables rules
nftables allows grouping ports and rules more elegantly.
Brute force protection
Use fail2ban to block IPs after failed attempts. Configure for SSH, web and other exposed services. Monitor fail2ban logs to identify attack patterns.
Persistence and monitoring
Save rules to persist after reboot: Configure alerts when rules are modified. Use auditd to track firewall configuration changes.
Conclusion
Properly configured firewall is essential for security. Define restrictive policies, allow only what's necessary and keep rules documented. Companies that need help with firewalls can rely on specialized consulting.
Related service
Kodden configures firewalls and access controls to protect production environments.
View Security and Hardening service