Linux Firewall Basics: iptables, ufw, and firewalld Explained

Linux RSH NETWORK February 07, 2026 3 mins read

Secure your Linux system by managing inbound and outbound network traffic using iptables, ufw, and firewalld.

Introduction

Firewalls are the first line of defense for Linux systems. Whether you're protecting a personal server, cloud VM, or enterprise workload, controlling network traffic is essential to prevent unauthorized access, brute-force attacks, and lateral movement.

Linux offers multiple firewall management tools, each suited for different use cases. This guide covers iptables, ufw, and firewalld, explaining when to use each and how to get started.

 

Why Firewalls Matter

A firewall acts as a traffic gatekeeper between your system and the network.

Key benefits include:

Blocking unauthorized access attempts

Limiting exposed services and ports

Reducing attack surface

Enforcing security policies

Supporting compliance and audits

Without a firewall, any open service becomes a potential attack vector.

 

Classic Firewall: iptables

iptables is the traditional Linux firewall tool. It configures Netfilter, the packet-filtering framework built into the kernel, and provides granular control but requires careful rule management.

 

View Current Rules

sudo iptables -L

 

Add a Rule (Allow SSH)

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

 

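Save Rules (Persistence)

# Run the redirect as root: with "sudo iptables-save > file" the unprivileged calling shell opens the file and fails
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'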

 

Best Use Cases

Low-level firewall control

Custom security appliances

Advanced networking scenarios

 

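⚠️ Note: Rules are not persistent by default; they are lost on reboot unless saved explicitly and loaded again at boot (on Debian and Ubuntu, the iptables-persistent package restores /etc/iptables/rules.v4).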

 

Simplified Firewall: ufw (Uncomplicated Firewall)

ufw is a user-friendly firewall designed for simplicity and ease of use, especially popular on Ubuntu and Debian systems.

 

Enable Firewall

sudo ufw enable

 

Allow SSH

sudo ufw allow 22/tcp

 

Check Status

sudo ufw status

 

⭐ Why Use ufw?

Clean, readable syntax

Beginner-friendly

Automatically manages iptables rules

Ideal for desktops and small servers

 

Modern Firewall: firewalld

firewalld is a dynamic, zone-based firewall system used by default on RHEL, CentOS, Rocky Linux, AlmaLinux, and Fedora.

 

List Active Rules

sudo firewall-cmd --list-all

 

Allow HTTP Permanently

sudo firewall-cmd --add-service=http --permanent

sudo firewall-cmd --reload

 

Key Features

Zone-based trust levels (public, internal, trusted, etc.)

Runtime vs permanent configurations

Service-based rules instead of ports

Cloud and enterprise-friendly

 

🧠 Choosing the Right Firewall Tool

| Tool | Best For |
| --- | --- |
| iptables | Advanced users, custom networking |
| ufw | Beginners, Ubuntu/Debian systems |
| firewalld | Enterprise, RHEL-based systems |

🧠 Pro Tips

Always test firewall rules before making them permanent

Allow SSH access before enabling strict rules

Back up firewall configurations regularly

Combine firewalls with tools like fail2ban

Monitor logs to detect suspicious traffic
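
The first two tips (test before making rules permanent, and allow SSH before enabling strict rules) can be checked mechanically before a ruleset is loaded. The script below is an added example, not part of the original post: the function name ssh_safe and the three sample rulesets are constructed for illustration, and the check is a heuristic over iptables-save output rather than a full rule evaluator.

```sh
#!/bin/sh
# Added example: pre-flight lockout check for an iptables-save ruleset.
# Reads the ruleset on stdin; exits 0 only if new inbound TCP connections to
# PORT (default 22) would be accepted. Heuristic first-match walk of INPUT;
# ignores source/interface limits, multiport, ranges and user-defined chains.
ssh_safe() {
    awk -v port="${1:-22}" '
        /^\*/ { table = substr($1, 2); next }        # "*filter" opens a table
        table != "filter" || verdict != "" { next }  # other table, or decided
        $1 == ":INPUT" { policy = $2; next }         # e.g. ":INPUT DROP [0:0]"
        $1 == "-A" && $2 == "INPUT" {
            target = proto = dport = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-j") target = $(i + 1)
                else if ($i == "-p") proto = $(i + 1)
                else if ($i == "--dport") dport = $(i + 1)
            }
            # A rule decides the port if it has no match options at all
            # ("-A INPUT -j DROP") or matches tcp and this port.
            hit = ($3 == "-j") || (proto == "tcp" && dport == port)
            if (hit && target == "ACCEPT") verdict = "allow"
            else if (hit && (target == "DROP" || target == "REJECT")) verdict = "block"
        }
        END {
            if (verdict == "") verdict = (policy == "ACCEPT") ? "allow" : "block"
            exit (verdict == "allow" ? 0 : 1)
        }
    '
}

# Constructed sample rulesets in iptables-save format.
BASE='*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
SAFE_RULES="$BASE
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT"
LOCKOUT_RULES="$BASE
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT"
SHADOWED_RULES="$BASE
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT"
printf '%s\n' "$SAFE_RULES" | ssh_safe && echo "SAFE_RULES: SSH stays reachable"
printf '%s\n' "$LOCKOUT_RULES" | ssh_safe || echo "LOCKOUT_RULES: SSH would be blocked"
```

On a live host, feed it a candidate rules file after sudo iptables-restore --test has confirmed that the file parses, and only then load the rules for real.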

What's Next?

Tomorrow's blog will cover:

Linux Disk Encryption: using LUKS, cryptsetup, and dm-crypt to protect data at rest.

 
