What is iptables?
iptables is the command-line tool for configuring the Linux kernel's packet filter (Netfilter). Filtering decisions are made per packet, not per program: every packet arriving at the system is checked in order against the rules of the INPUT chain (packets the system sends itself go through OUTPUT, packets it routes for others through FORWARD), and the first rule that matches decides what happens to it, typically ACCEPT, DROP or REJECT. If no rule matches, the chain's default policy applies. On a fresh system that policy is ACCEPT for every chain, so nothing is blocked until you add rules or change the policy.
The iptables packet filter was originally written by Rusty Russell and is maintained by the Netfilter Core Team. It is written in C and was first released in 1998. The project publishes stable releases from time to time, which can be downloaded from:
Project website: www.netfilter.org
To learn more about iptables and how to use it, follow the official documentation at:
What is Ping?
Ping is a network utility that checks whether a destination host is reachable from the source over an IP network and measures the round-trip time. It works by sending an ICMP echo-request packet to the destination and waiting for the matching ICMP echo-reply; the name refers to the sound of a sonar pulse, and the expansion "Packet Internet Groper" was coined after the fact. Because ping is nothing more than these two ICMP message types, a firewall rule that matches them is enough to allow or block it.
In this article we will explain the iptables commands that you can use to:
- Add a rule that tells the iptables firewall to stop answering pings, by rejecting or dropping the ICMP echo requests that reach the server.
- Remove that rule again so that pings to the server are allowed.
We have run the commands and procedures mentioned in this article on an Ubuntu 22.04 LTS system.
How to Block/Allow ping from iptables?
On Ubuntu 22.04 iptables is normally installed already (as the iptables-nft frontend, which stores its rules in the kernel's nftables backend). If the command is missing, install it from the Terminal with:
$ sudo apt-get install iptables
You can open the Terminal application either through the system application launcher search or by using the Ctrl+Alt+T shortcut.
In order to verify the installation and check the version number, you can use the following command:
$ iptables --version
As mentioned above, the iptables firewall works through a list of rules. The following rule, appended to the INPUT chain, rejects every incoming ICMP echo request, so the server stops answering pings. Because the target is REJECT, the sender is told about it: iptables answers with an ICMP error (icmp-port-unreachable unless you choose another type with --reject-with), so a remote ping reports "Destination Port Unreachable" instead of waiting for a timeout:
$ sudo iptables -A INPUT -p icmp --icmp-type echo-request -j REJECT
To block pings silently instead, so that the sender only sees timeouts, use the DROP target. The second rule additionally drops any echo reply the server might generate, which also covers echo requests that an earlier rule let through:
$ sudo iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
$ sudo iptables -A OUTPUT -p icmp --icmp-type echo-reply -j DROP
Two things to keep in mind. Rules in a chain are evaluated in order and the first match wins, so if the REJECT rule from above is still present it keeps matching first and the DROP rules never take effect; delete it first. And none of these rules stops the server itself from pinging other hosts, because the server's own pings leave on OUTPUT as echo requests and their answers arrive on INPUT as echo replies; to block outgoing pings you would match echo-request on the OUTPUT chain instead.
The -A option of the iptables command stands for 'append': the rule is added at the end of the given chain, after every rule already there (use -I instead to insert it at the top). So every rule added this way starts with 'sudo iptables -A ...'.
The following command lists all rules currently in the filter table (the default table), including any that were not added by you:
$ sudo iptables -L
If one of the listed rules is blocking ping (in our case the REJECT rule), remove it by repeating the exact same rule specification with -D in place of -A:
$ sudo iptables -D INPUT -p icmp --icmp-type echo-request -j REJECT
The -D switch deletes the first rule in the chain that matches the given specification exactly; the match options and the target have to be repeated verbatim, and if you appended the same rule twice you have to delete it twice. A rule can also be deleted by its position in the chain, as shown by -L --line-numbers. Note that rules added with -A or removed with -D only change the running kernel and are lost at reboot; to keep them across reboots, save them with iptables-save (on Ubuntu the iptables-persistent package restores the saved rules at boot).
You can delete all rules in all chains of the filter table with the following command. Be aware that this flushes every rule, not only the ones you added, and that it does not reset the chains' default policies: if you had set the INPUT policy to DROP, flushing removes the ACCEPT rules that let your own SSH session through while the DROP policy stays, and you lock yourself out:
$ sudo iptables -F
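The add, check and delete steps above, combined into one reusable script. This is an added example and not code from the original article or from the Netfilter project; it assumes the iptables binary named in $IPTABLES (default: iptables) and root privileges when run against a real kernel. The direction names in, reply and out are this example's own labels for the INPUT echo-request, OUTPUT echo-reply and OUTPUT echo-request rules, and the functions rule_spec, ping_block and ping_unblock are likewise the example's own. It uses -C to test whether an identical rule is already present before appending, so running it twice does not stack duplicate rules, and it loops over -D on removal because a single -D only deletes the first match.

```shell
#!/bin/sh
# Added example (not from the original article or the Netfilter project):
# idempotent helpers for blocking/unblocking ping with iptables. Assumes the
# iptables binary named in $IPTABLES (default: iptables) and root privileges
# when run against a real kernel.

IPTABLES="${IPTABLES:-iptables}"

# Map a direction label (this script's own naming) to an iptables rule spec.
#   in     echo-request arriving on INPUT   (other hosts cannot ping us)
#   reply  echo-reply leaving on OUTPUT     (we never answer, whatever INPUT does)
#   out    echo-request leaving on OUTPUT   (we cannot ping other hosts)
rule_spec() {
    case "$1" in
        in)    echo "INPUT -p icmp --icmp-type echo-request" ;;
        reply) echo "OUTPUT -p icmp --icmp-type echo-reply" ;;
        out)   echo "OUTPUT -p icmp --icmp-type echo-request" ;;
        *)     echo "rule_spec: unknown direction '$1'" >&2; return 1 ;;
    esac
}

# Append the rule unless an identical one already exists: -C exits 0 when the
# rule is present, so re-running the script never stacks duplicates.
# $1 direction label, $2 target: DROP (silent) or REJECT (sender gets an ICMP error).
ping_block() {
    spec=$(rule_spec "$1") || return 1
    target="${2:-DROP}"
    # $spec is deliberately unquoted so it expands to separate arguments.
    if "$IPTABLES" -C $spec -j "$target" 2>/dev/null; then
        return 0
    fi
    "$IPTABLES" -A $spec -j "$target"
}

# -D deletes only the first rule matching the spec; loop until -C reports none.
ping_unblock() {
    spec=$(rule_spec "$1") || return 1
    target="${2:-DROP}"
    while "$IPTABLES" -C $spec -j "$target" 2>/dev/null; do
        "$IPTABLES" -D $spec -j "$target"
    done
}

# Command-line entry point: "block [DROP|REJECT]" stops the host answering
# pings (replies are always dropped silently); "unblock [DROP|REJECT]" undoes
# it. With no argument the script only defines the functions.
case "${1:-}" in
    block)   ping_block in "${2:-DROP}" && ping_block reply DROP ;;
    unblock) ping_unblock in "${2:-DROP}" && ping_unblock reply DROP ;;
esac
```

Run it as root with sh ping-block.sh block (or block REJECT) to stop answering pings and sh ping-block.sh unblock to remove the rules again; pointing $IPTABLES at a wrapper that only echoes its arguments gives a dry run showing the exact iptables commands that would be executed. These rules affect IPv4 only: IPv6 pings are filtered by ip6tables with -p icmpv6 --icmpv6-type echo-request and are untouched by anything above.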
You have seen how adding and removing rules in the iptables utility allows you to control how the firewall works.