What is iptables?
Iptables is a command line firewall utility that allows or blocks traffic based on the policy chains it uses. Iptables follows a packet-based approach to traffic filtering. When a program tries to establish a connection with your system, iptables looks for a matching rule in its predefined list. If no rule matches, it falls back to the chain's default action and, in a restrictive configuration, denies the new connection.
The iptables packet filter was first written by Rusty Russell and is a product of the Netfilter Core Team. It is written in the C language and was first released in 1998. The project keeps releasing stable versions every now and then that can be downloaded from the following website:
Project website: www.netfilter.org
To learn more about iptables and how to use it, follow the official documentation at:
What is Ping?
Ping, or Packet Internet Groper, is a network administration utility used to check the connectivity status between a source and a destination computer/device over an IP network. It also lets you measure the round-trip time between sending a request and receiving the response.
In this article, we will explain the iptables commands that you can use in order to:
- Add a rule that tells the iptables firewall to block ping in and out of a server by controlling ICMP echo requests and replies.
- Remove that rule again so that the iptables firewall allows ping in and out of the server.
We have run the commands and procedures mentioned in this article on an Ubuntu 18.04 LTS system.
How to Block/Allow ping from iptables?
You can install iptables through the Linux command line by running the following command in your Terminal:
$ sudo apt-get install iptables
You can open the Terminal application either through the system application launcher search or by using the Ctrl+Alt+T shortcut.
In order to verify the installation and check the version number, you can use the following command:
$ iptables --version
As mentioned above, the iptables firewall is based on a set of rules. You can add the following rule in order to block pings to the server. Because the target is REJECT, the host running the ping command receives an error message:
$ sudo iptables -A INPUT -p icmp --icmp-type echo-request -j REJECT
Alternatively, you can add the following rules in order to block ping silently, so that the pinging host sees timeouts instead of an error message:
$ sudo iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
$ sudo iptables -A OUTPUT -p icmp --icmp-type echo-reply -j DROP
The -A command option of the iptables command stands for 'Append' (it adds a rule to the end of the chain), so any rule that you add starts with 'sudo iptables -A ...'.
The following command lets you list all the rules added to your iptables:
$ sudo iptables -L
If one of the rules is blocking ping (in our case the one that rejects ICMP echo requests), you can simply remove that rule by repeating it with -D instead of -A:
$ sudo iptables -D INPUT -p icmp --icmp-type echo-request -j REJECT
The -D command switch is used to delete the rule.
You can delete all rules added to your iptables firewall with the following command (note that -F flushes the rules of the filter table but leaves each chain's default policy unchanged):
$ sudo iptables -F
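The commands above have one practical pitfall: -A appends a new copy of the rule every time you run it, and -D removes only one copy per call, so rerunning the tutorial leaves duplicate rules that a single -D does not clear. The script below is an added example (not part of the original article) that wraps the same ping rules in idempotent helpers using `iptables -C` (check) before -A and -D, and inspects `iptables -S` save-format output, where echo-request is printed as ICMP type 8, to report whether incoming ping is blocked. It assumes iptables and sudo are available; the filename ping-rules.sh and the IPTABLES override variable are assumptions for illustration.

```shell
#!/bin/sh
# Added example: idempotent wrappers around the ping rules shown in the article.
# Assumes iptables and sudo are installed; IPTABLES may be overridden (assumed knob).
IPTABLES="${IPTABLES:-iptables}"

# Print the chain, match and target for a ping rule.
#   $1: in  -> INPUT chain, incoming echo-request
#       out -> OUTPUT chain, outgoing echo-reply
#   $2: target (REJECT or DROP)
ping_rule() {
  case "$1" in
    in)  printf 'INPUT -p icmp --icmp-type echo-request -j %s' "$2" ;;
    out) printf 'OUTPUT -p icmp --icmp-type echo-reply -j %s' "$2" ;;
    *)   echo "ping_rule: direction must be 'in' or 'out'" >&2; return 1 ;;
  esac
}

# Append a rule only if it is not already present. Plain -A appends a
# duplicate every time it runs; -C exits 0 when an identical rule exists.
ensure_rule() {
  # shellcheck disable=SC2086  # word splitting of $1 is intended
  if sudo "$IPTABLES" -C $1 2>/dev/null; then
    echo "already present: $1"
  else
    sudo "$IPTABLES" -A $1
  fi
}

# Delete every copy of a rule. -D removes only one matching rule per call,
# so loop until -C no longer finds a match.
purge_rule() {
  # shellcheck disable=SC2086
  while sudo "$IPTABLES" -C $1 2>/dev/null; do
    sudo "$IPTABLES" -D $1
  done
}

# Given the text of `iptables -S INPUT`, succeed if an INPUT rule drops or
# rejects ICMP echo-request (save format prints the type numerically as 8).
ping_blocked_in() {
  printf '%s\n' "$1" |
    grep -Eq '^-A INPUT .*-p icmp .*--icmp-type (8|echo-request) .*-j (DROP|REJECT)'
}

# Usage: ./ping-rules.sh apply|remove|status [REJECT|DROP]   (default target: DROP)
TARGET="${2:-DROP}"
case "${1:-}" in
  apply)  ensure_rule "$(ping_rule in "$TARGET")"; ensure_rule "$(ping_rule out "$TARGET")" ;;
  remove) purge_rule  "$(ping_rule in "$TARGET")"; purge_rule  "$(ping_rule out "$TARGET")" ;;
  status)
    if ping_blocked_in "$(sudo "$IPTABLES" -S INPUT)"; then
      echo "incoming ping is blocked"
    else
      echo "incoming ping is allowed"
    fi ;;
esac
```

Run `./ping-rules.sh apply` twice and `iptables -L INPUT -n --line-numbers` still shows a single rule; `./ping-rules.sh remove` clears every copy, including duplicates left over from earlier manual -A runs. Checking with -C before acting is the same pattern to use in a boot-time script, where rules would otherwise accumulate across reboots.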
You have seen how adding and removing rules in the iptables utility allows you to control how the firewall works.