IPTABLES
The first instruction to know which rules we have setup on our server
Show current rules
sudo iptables -L -v
How to delete all rules
sudo iptables --flush
sudo iptables --delete-chain
If we haven't configure a thing the result that we get is the following:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 22659 packets, 3054K bytes)
pkts bytes target prot opt in out source destination
For this example I will configure the most commont rules, and that is enable ssh(22), http(80), https(443) and any other connection already established.
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -j DROP
IPTABLES Persist
To be able save this rules on the configuration of our server we will use a package formerly called iptables-persistent and now netfilter-persistent.
First lets install
sudo apt install -y iptables-persistent
Start the service
# Start the service
sudo service netfilter-persistent start
Save the rules
# dry-run
sudo iptables-save
## save a config file.
sudo iptables-save > /etc/iptables/rules.v4
Restart the service
sudo service netfilter-persistent restart
Fail2Ban
sudo apt install -y fail2ban
sudo cp /etc/Fail2Ban/jail.conf /etc/Fail2Ban/jail.local
sudo service fail2ban reload