Iptables needs root privileges to work and should be executed by user root. Iptables is a rule-set driven application that is pre-packaged and pre-compiled on most recent Linux distributions for determining the routes of incoming and outgoing packets according to rule criteria. This means that, unlike older packages that you needed to compile yourself, you don’t have to worry about that now. Everything has been done for you; all you need to do is install it. By default, it runs without any rules or policies, so you have to add rules according to your needs.
Arno iptables is a multi-homed firewall script with DSL/ADSL support compiled by Arno van Amersfoort. It is free software and is distributed under the GNU General Public License. It is a secure stateful filtering firewall that supports Masquerading (NAT) and SNAT. It is a comfortable tool for sysadmins where thousands of different rules need to be written for the most secure server. It also comes with an interactive wizard interface.
Issue the following command on your Linux system to download Arno iptables.
sudo wget http://rocky.eld.leidenuniv.nl/arno-iptables-firewall/arno-iptables-firewall_2.0.1f.tar.gz
It will download the latest source code for a stable release.
Now extract the files from the tar archive:
sudo tar -zxvf arno-iptables-firewall_2.0.1f.tar.gz
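Added example, not part of the original article: the wget command above fetches the archive over plain HTTP, so one check before unpacking is to compare the file with a SHA-256 digest obtained from a source you trust and to reject member paths that would land outside the target directory. The function names and the digest argument are assumptions; the article gives no digest for this release.

```shell
#!/bin/sh
# Added example: verify a downloaded release archive before unpacking it.
# EXPECTED is a SHA-256 digest the caller supplies from a trusted source
# (assumption: the article itself publishes no digest).

# archive_sha256 FILE -> prints the lowercase hex SHA-256 of FILE
archive_sha256() {
    sha256sum "$1" | awk '{print $1}'
}

# archive_paths_safe FILE -> 0 if no member is absolute or contains ".."
archive_paths_safe() {
    members=$(tar -tzf "$1" 2>/dev/null) || return 1
    if printf '%s\n' "$members" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        return 1
    fi
    return 0
}

# verify_and_extract FILE EXPECTED DESTDIR
# returns 0 on success, 1 on digest mismatch, 2 on unsafe member paths,
# 3 if the destination cannot be created or extraction fails
verify_and_extract() {
    archive=$1 expected=$2 dest=$3
    actual=$(archive_sha256 "$archive")
    if [ -z "$actual" ] || [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $archive: got '$actual'" >&2
        return 1
    fi
    if ! archive_paths_safe "$archive"; then
        echo "refusing $archive: unsafe member path" >&2
        return 2
    fi
    mkdir -p "$dest" || return 3
    # Unpack as an ordinary user; --no-same-owner ignores uid/gid in the archive.
    tar -xzf "$archive" -C "$dest" --no-same-owner || return 3
}

# When called as a script: sh SCRIPT ARCHIVE EXPECTED_SHA256 DESTDIR
if [ "$#" -eq 3 ]; then
    verify_and_extract "$@"
fi
```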
And then install with the command; it will present you with a window with Yes / No options.
Hit Y to continue.
The next prompt will ask you:
“Do you want me to help you setup a basic configuration (Y/n)?”, hit Y.
Hit Y if you want it started automatically at boot time.
Hit Y again for the verbose mode prompt.
For the next prompt,
“Do you want me to help you setup a basic configuration (Y/n)?”, hit Y.
Input your WAN interface (multiple interfaces should be comma separated). Enter your WAN and LAN interfaces, normally eth0 for WAN and ethX for LAN.
From here, you will get more questions about which ports to enable and whether you want to enable ICMP echo (ping), IPv6 and DHCP. Answer these questions according to your needs. For my case, I enable ICMP ping.
If you want to understand Arno iptables better, read the manual page.
man arno-iptables-firewall
Check the status of the firewall:
sudo /etc/init.d/arno-iptables-firewall status
You can now successfully build rules and policies using iptables.