Protecting Your Raspberry Pi from Unwanted Traffic with iptables and UFW

Learn how to use the built-in firewall features of your Raspberry Pi to protect it from unwanted traffic and keep your data secure. …

Need help with your Raspberry Pi?
Contact Me!

Do you love silly Raspberry Pi Projects?
Check out my this YouTube Channel!

Learn how to use the built-in firewall features of your Raspberry Pi to protect it from unwanted traffic and keep your data secure.

Setting up iptables

iptables is the built-in Linux firewall tool that allows you to control incoming and outgoing traffic on your Raspberry Pi. It uses a set of rules to decide whether or not to allow certain types of traffic based on specific criteria, such as source and destination IP addresses, ports, and protocols.

To check the current iptables configuration on your Raspberry Pi, run the following command in the terminal:

sudo iptables -L

This will display all active rules for incoming (INPUT) and outgoing (OUTPUT) traffic, as well as any custom chains you may have created. By default, there should be a few rules that allow traffic related to the local network and loopback interface.

Creating a basic iptables rule

Let’s create a simple iptables rule that blocks all incoming traffic on port 22 (SSH), except from your IP address. This will prevent unauthorized access attempts to your Raspberry Pi, while still allowing you to connect remotely. To do this, run the following commands:

sudo iptables -A INPUT -p tcp --dport 22 -s ! <YOUR_IP_ADDRESS> -j DROP
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Replace <YOUR_IP_ADDRESS> with your public IP address or network range. This rule will drop all incoming traffic on port 22 that does not match the specified source, and then allow all other incoming traffic on port 22.

To make these rules persistent across reboots, save them to a file:

sudo iptables-save > /etc/iptables.ipv4.nat

Then, edit /etc/rc.local and add the following line before exit 0:

iptables-restore < /etc/iptables.ipv4.nat

Now your Raspberry Pi will load these rules on startup.

Setting up UFW (Uncomplicated Firewall)

UFW is a user-friendly frontend for iptables that makes it easier to manage firewall rules. To install UFW, run:

sudo apt-get update && sudo apt-get install ufw

Once installed, you can enable UFW with the following command:

sudo ufw enable

This will activate UFW and set a default policy of denying all incoming and outgoing traffic. To allow specific ports or services through the firewall, use the allow command:

sudo ufw allow 22/tcp

This allows incoming traffic on port 22 (SSH). You can also allow traffic for other common services like HTTP, HTTPS, and FTP with their respective port numbers or names.

To check the status of your UFW rules, run:

sudo ufw status

This will display a list of active rules and the current default policy for incoming and outgoing traffic.

Conclusion

Securing your Raspberry Pi with a firewall is an essential step in protecting it from unauthorized access and malicious attacks. By using iptables and UFW, you can easily create and manage custom rules to allow or block specific types of traffic based on your needs. Remember to regularly update your software and keep your Raspberry Pi up-to-date with the latest security patches to stay protected against emerging threats.