Cyberithub

How to Install Iptables services on RHEL/CentOS/Rocky Linux


In this article, I will take you through the steps to install iptables-services on RHEL/CentOS/Rocky Linux based systems. iptables is a free and open source command-line utility to set up, maintain and inspect the tables of IP packet filter rules in the Linux kernel. You can create rules with the iptables command, but all the changes are lost when you restart the system. So it is important to save all the modified rules before closing the session or rebooting the system. For this purpose you need to install the iptables-services package on your system. Here we will see the steps to install this package in detail.


Step 1: Prerequisites

a) You should have a running RHEL/CentOS/Rocky Linux server.

b) You should have sudo or root access to run privileged commands.

c) You should have the yum or dnf utility available on your system.

 

Step 2: Update Your Server

It is always recommended to first sync the package index files from their sources using the dnf update or yum update command as shown below. If a newer version is available for any of the installed packages, you can upgrade the package by using the dnf upgrade or yum upgrade command.

[root@cyberithub ~]# dnf update
Last metadata expiration check: 1:30:50 ago on Wed 26 Jan 2022 05:26:45 AM EST.
Dependencies resolved.
=============================================================================================================================================================
Package Architecture Version Repository Size
=============================================================================================================================================================
Upgrading:
polkit x86_64 0.115-13.el8_5.1 baseos 153 k
polkit-libs x86_64 0.115-13.el8_5.1 baseos 75 k

Transaction Summary
=============================================================================================================================================================
Upgrade 2 Packages

Total download size: 228 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): polkit-libs-0.115-13.el8_5.1.x86_64.rpm 50 kB/s | 75 kB 00:01
(2/2): polkit-0.115-13.el8_5.1.x86_64.rpm 92 kB/s | 153 kB 00:01
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 77 kB/s | 228 kB 00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: polkit-libs-0.115-13.el8_5.1.x86_64 1/1
Upgrading : polkit-libs-0.115-13.el8_5.1.x86_64 1/4
Running scriptlet: polkit-libs-0.115-13.el8_5.1.x86_64 1/4
Running scriptlet: polkit-0.115-13.el8_5.1.x86_64 2/4
Upgrading : polkit-0.115-13.el8_5.1.x86_64 2/4
Running scriptlet: polkit-0.115-13.el8_5.1.x86_64 2/4
Running scriptlet: polkit-0.115-12.el8.x86_64 3/4
Cleanup : polkit-0.115-12.el8.x86_64 3/4
Running scriptlet: polkit-0.115-12.el8.x86_64 3/4
Cleanup : polkit-libs-0.115-12.el8.x86_64 4/4
Running scriptlet: polkit-libs-0.115-12.el8.x86_64 4/4
Verifying : polkit-0.115-13.el8_5.1.x86_64 1/4
Verifying : polkit-0.115-12.el8.x86_64 2/4
Verifying : polkit-libs-0.115-13.el8_5.1.x86_64 3/4
Verifying : polkit-libs-0.115-12.el8.x86_64 4/4

Upgraded:
polkit-0.115-13.el8_5.1.x86_64 polkit-libs-0.115-13.el8_5.1.x86_64

Complete!

 

Step 3: Install Iptables Services

The next step is to install iptables-services by using the dnf install iptables-services command as shown below. If you have the yum utility, use the yum install iptables-services command instead.

[root@cyberithub ~]# dnf install iptables-services
Last metadata expiration check: 0:03:29 ago on Wed 26 Jan 2022 05:26:45 AM EST.
Dependencies resolved.
=============================================================================================================================================================
Package Architecture Version Repository Size
=============================================================================================================================================================
Installing:
iptables-services x86_64 1.8.4-20.el8 baseos 62 k

Transaction Summary
=============================================================================================================================================================
Install 1 Package

Total download size: 62 k
Installed size: 20 k
Is this ok [y/N]: y
Downloading Packages:
iptables-services-1.8.4-20.el8.x86_64.rpm 84 kB/s | 62 kB 00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 37 kB/s | 62 kB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : iptables-services-1.8.4-20.el8.x86_64 1/1
Running scriptlet: iptables-services-1.8.4-20.el8.x86_64 1/1
Verifying : iptables-services-1.8.4-20.el8.x86_64 1/1

Installed:
iptables-services-1.8.4-20.el8.x86_64

Complete!

 

Step 4: Verify Installation

After successful installation you can verify the package by using the rpm -qa | grep -i iptables-services command as shown below.

[root@cyberithub ~]# rpm -qa | grep -i iptables-services
iptables-services-1.8.4-20.el8.x86_64

 

Step 5: Start Iptables Service

Then start the iptables service by using the systemctl start iptables command as shown below. Verify the status by using the systemctl status iptables command.

[root@cyberithub ~]# systemctl start iptables
[root@cyberithub ~]# systemctl status iptables
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: active (exited) since Wed 2022-01-26 07:04:56 EST; 1s ago
Process: 1794 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 1794 (code=exited, status=0/SUCCESS)

Jan 26 07:04:55 cyberithub systemd[1]: Starting IPv4 firewall with iptables...
Jan 26 07:04:56 cyberithub iptables.init[1794]: iptables: Applying firewall rules: [ OK ]
Jan 26 07:04:56 cyberithub systemd[1]: Started IPv4 firewall with iptables.

 

Step 6: List Iptables Rule

You can list all the currently set default rules by using the iptables -L command as shown below. More details are available on the iptables man page.

[root@cyberithub ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

 

Step 7: Allow a Port

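If you want to allow a port, say TCP port 5555, through the iptables firewall, you need to add an ACCEPT rule for it. The default INPUT chain listed in Step 6 ends with a REJECT rule that matches all remaining traffic, and iptables evaluates rules in order, so a rule appended with -A would sit after that REJECT and never match. Insert the rule before the REJECT instead, which is rule 5 in the listing above, by using the iptables -I INPUT 5 -p tcp --dport 5555 -j ACCEPT command as shown below.

[root@cyberithub ~]# iptables -I INPUT 5 -p tcp --dport 5555 -j ACCEPT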
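
Rule order decides whether the Step 7 rule has any effect: with the default INPUT chain from Step 6, an ACCEPT that lands after the catch-all REJECT never matches. The following shell check is an added example, not part of the original article; it reads iptables -S INPUT output and reports whether a port's ACCEPT rule is reachable. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: checks `iptables -S INPUT` text for an ACCEPT rule that sits
# behind a catch-all REJECT/DROP. Function names are illustrative.

# Constructed sample: the Step 6 ruleset in `iptables -S INPUT` form, with a
# port 5555 rule appended after the final REJECT.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 5555 -j ACCEPT'

# Rule number of the first REJECT/DROP with no match options, or 0 if none.
first_catch_all() {
    awk '$1 == "-A" && $2 == "INPUT" {
        n++
        if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) { print n; found = 1; exit }
    }
    END { if (!found) print 0 }'
}

# Rule number of the first ACCEPT rule with --dport $1, or 0 if none.
accept_rule_for_port() {
    awk -v port="$1" '$1 == "-A" && $2 == "INPUT" {
        n++; dport = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (dport == port && target == "ACCEPT") { print n; found = 1; exit }
    }
    END { if (!found) print 0 }'
}

# Reads rules on stdin; prints "reachable", "shadowed" or "missing" for port $1.
check_port() {
    rules=$(cat)
    reject=$(printf '%s\n' "$rules" | first_catch_all)
    accept=$(printf '%s\n' "$rules" | accept_rule_for_port "$1")
    if [ "$accept" -eq 0 ]; then echo "missing"
    elif [ "$reject" -ne 0 ] && [ "$accept" -gt "$reject" ]; then echo "shadowed"
    else echo "reachable"
    fi
}

# On a live host (as root): iptables -S INPUT | check_port 5555
printf '%s\n' "$SAMPLE_RULES" | check_port 5555
```

A "shadowed" result means the rule should be deleted and re-inserted ahead of the REJECT before the ruleset is saved in Step 8.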

 

Step 8: Save Iptables Rule

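Finally, save the modified rules by using the /sbin/iptables-save > /etc/sysconfig/iptables command as shown below. The iptables service loads this file when it starts, so the saved rules persist across system reboots as long as the service is enabled at boot; the status output in Step 5 shows it as disabled.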

[root@cyberithub ~]# /sbin/iptables-save > /etc/sysconfig/iptables

 

Step 9: Uninstall Iptables Services

If you don't want the ability to save iptables rules permanently, you can remove the iptables-services package using the dnf remove iptables-services command as shown below. If you have the yum utility, uninstall it by using the yum remove iptables-services command.

[root@cyberithub ~]# dnf remove iptables-services
Dependencies resolved.
=============================================================================================================================================================
Package Architecture Version Repository Size
=============================================================================================================================================================
Removing:
iptables-services x86_64 1.8.4-20.el8 @baseos 20 k

Transaction Summary
=============================================================================================================================================================
Remove 1 Package

Freed space: 20 k
Is this ok [y/N]: y
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: iptables-services-1.8.4-20.el8.x86_64 1/1
Erasing : iptables-services-1.8.4-20.el8.x86_64 1/1
Running scriptlet: iptables-services-1.8.4-20.el8.x86_64 1/1
Verifying : iptables-services-1.8.4-20.el8.x86_64 1/1

Removed:
iptables-services-1.8.4-20.el8.x86_64

Complete!
