Back to Blog
SecurityJuly 04, 20269 min

How to Configure Firewall on Linux (iptables and nftables)

Firewall is the first line of defense for a Linux server. Configuring proper rules allows only legitimate traffic and blocks unauthorized access attempts.

iptables vs nftables

iptables is Linux's traditional firewall, widely supported. nftables is the successor with cleaner syntax and better performance. Both are valid — the choice depends on distribution and team preference. Modern distributions (RHEL 8+, Debian 10+) use nftables by default. Ubuntu still uses iptables with nftables backend.

Basic iptables rules

nftables rules

nftables allows grouping ports and rules more elegantly.

Brute force protection

Use fail2ban to block IPs after failed attempts. Configure for SSH, web and other exposed services. Monitor fail2ban logs to identify attack patterns.

Persistence and monitoring

Save rules to persist after reboot: Configure alerts when rules are modified. Use auditd to track firewall configuration changes.

Conclusion

Properly configured firewall is essential for security. Define restrictive policies, allow only what's necessary and keep rules documented. Companies that need help with firewalls can rely on specialized consulting.

Related service

Kodden configures firewalls and access controls to protect production environments.

View Security and Hardening service

Related solutions

Request assessment