How to Configure iptables on Debian 12

iptables is a command-line utility for managing IP packets through packet filtering. IP packets are the basic unit of communication over networks, so it is essential to define how they are handled.

The rules that define the behavior of IP packets are known as IP packet rules. On Debian, these rules are set with software utilities such as iptables. The most common uses of iptables are network address translation (NAT) and firewall support.

This blog explains the configuration and other aspects of the iptables command on Debian 12. It covers the following aspects of iptables on Debian:

  1. How to Install the iptables on Debian Linux
  2. What is the Method to Define an IP rule on Debian
  3. How to Display the Current Configuration of the IP Packets Using iptables on Debian
  4. How to Flush the Rules of the IP Packets on Debian
  5. How to Add the IP Packets Rules on Debian
  6. How to Delete the IP Packets Rules on Debian

How to Install the iptables on Debian Linux?

If iptables is not already installed on Debian, install the package from Debian’s package list with the command:

$ sudo apt install iptables -y

What is the Method to Define an IP rule on Debian?

To define an IP rule using the iptables command, use the following general syntax:

$ sudo iptables -A <chain> -i <interface> -p <protocol (tcp/udp)> -s <source> --dport <port no.> -j <target>

The options used in the above command are explained in the table below:

| Option | Explanation |
|--------|-------------|
| -i | It is used to specify the interface whose traffic is being filtered |
| -p | Defines the protocol to perform the filtration |
| -s | It defines the source of the traffic |
| --dport | This will define the destination port |
| -j | It will define the action that is supposed to be performed |

How to Display the Current Configuration of the IP Packets Using iptables on Debian?

To display the already set configuration of the IP packets on Debian, use the “L” option of the iptables command:

$ sudo iptables -L

Three chains, INPUT, FORWARD, and OUTPUT, can be seen on the screen. INPUT shows the rules for packets directed to your server, OUTPUT shows the rules for packets created by the server, and FORWARD shows the rules for traffic that is directed to other servers without being created by the server.

To see the above output in more detail, run the command:

$ sudo iptables -L -n -v

How to Flush the Rules of the IP Packets on Debian?

To flush or delete the already defined rules of the IP packets on Debian 12, use the command:

$ sudo iptables -F

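The “F” option is used to flush the IP rules on Debian and other Linux distributions. Flushing removes the rules but leaves the default policy of each chain unchanged, so check the policies shown by iptables -L before flushing over a remote session.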

How to Add the IP Packets Rules on Debian?

To add a rule that allows IP packets, use the “A” option to append the rule to a chain, with “ACCEPT” as the target. For example, to add a rule that allows incoming traffic on port 22, run the command:

$ sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

To confirm that the above command added the new rule, list the rules:

$ sudo iptables -L

How to Delete the IP Packets Rules on Debian?

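To delete an IP packet rule on Debian, use the “D” option with the same rule specification that was used to add the rule. Appending a rule with the “DROP” target through the general syntax explained in this blog does not delete anything: it adds a second rule that blocks traffic, and because the rules in a chain are evaluated in order, an earlier ACCEPT rule for the same port still matches first. For example, to delete the rule allowing incoming traffic on port 22, run the command:

$ sudo iptables -D INPUT -i eth0 -p tcp --dport 22 -j ACCEPT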

To confirm the deletion of the rule, use the command:

$ sudo iptables -L
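
The difference between appending a DROP rule and deleting an ACCEPT rule comes down to rule order: the first matching rule in a chain decides the packet. The script below is an added example, not part of the original post; it is a simplified model that works on constructed `iptables -S` style text, its helper names (verdict, append_rule, delete_rule) are hypothetical, and it never touches the real firewall.

```shell
#!/bin/sh
# Simplified model of first-match evaluation over `iptables -S` style text.
# It reads only -p, --dport and -j, treats every target as terminating,
# and never calls iptables itself.

# verdict RULES CHAIN PROTO DPORT: print the target that decides the packet.
verdict() {
    printf '%s\n' "$1" | awk -v chain="$2" -v proto="$3" -v dport="$4" '
        $1 == "-P" && $2 == chain { policy = $3; next }
        $1 == "-A" && $2 == chain {
            p = ""; d = ""; t = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      p = $(i + 1)
                if ($i == "--dport") d = $(i + 1)
                if ($i == "-j")      t = $(i + 1)
            }
            # A rule without -p or --dport matches any protocol or port.
            if ((p == "" || p == proto) && (d == "" || d == dport) && t != "") {
                print t; found = 1; exit
            }
        }
        END { if (!found) print policy }'   # no rule matched: chain policy
}

# Model of `iptables -A`: the new rule goes to the end of the chain.
append_rule() { printf '%s\n%s\n' "$1" "$2"; }

# Model of `iptables -D <rule>`: the first identical rule is removed.
delete_rule() {
    printf '%s\n' "$1" | awk -v r="$2" '$0 == r && !gone { gone = 1; next } { print }'
}

# Constructed sample: INPUT chain holding the ACCEPT rule for port 22.
ACCEPT_RULE='-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT'
DROP_RULE='-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j DROP'
RULES="-P INPUT ACCEPT
$ACCEPT_RULE"

AFTER_APPEND=$(append_rule "$RULES" "$DROP_RULE")            # -A ... -j DROP
AFTER_DELETE=$(delete_rule "$AFTER_APPEND" "$ACCEPT_RULE")   # -D ... -j ACCEPT

echo "ACCEPT rule only:    $(verdict "$RULES" INPUT tcp 22)"
echo "after -A ... DROP:   $(verdict "$AFTER_APPEND" INPUT tcp 22)"
echo "after -D ... ACCEPT: $(verdict "$AFTER_DELETE" INPUT tcp 22)"
```

On a real host, `sudo iptables -L INPUT -n --line-numbers` shows the order in which the rules of the chain are evaluated.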

Conclusion

iptables is a command-line utility for setting the rules applied to IP packets in network communication. It can be installed from Debian’s package list and configured to allow or restrict IP packet traffic on different ports.

This post has explained the installation of iptables and different aspects of using the iptables command on Debian 12.