_CORE
Services
AI & Agentic Systems Core Information Systems Cloud & Platform Engineering Data Platform & Integration Security & Compliance QA, Testing & Observability IoT, Automation & Robotics Mobile & Digital
Industries
Banking & Finance Insurance Public Administration Defense & Security Healthcare Energy & Utilities Telco & Media Manufacturing Logistics & E-commerce Retail & Loyalty
References Technologies
Lab
Blog Know-how Tools
About Collaboration Careers
CS EN DE
Let's talk

Firewall Rules — Best Practices

14. 08. 2025 1 min read intermediate

The firewall is the first line of defense. Default deny, minimal open ports, logging.

iptables

iptables -P INPUT DROP iptables -P FORWARD DROP iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -p tcp –dport 22 -s 10.0.100.0/24 -j ACCEPT iptables -A INPUT -p tcp –dport 443 -j ACCEPT iptables -A INPUT -j LOG –log-prefix “DROP: ” iptables -A INPUT -j DROP

nftables

table inet filter { chain input { type filter hook input priority 0; policy drop; ct state established,related accept tcp dport { 80, 443 } accept tcp dport 22 ip saddr 10.0.100.0/24 accept } }

Key Takeaway

Default deny, minimal ports, log denied attempts.

securityfirewallnetworkiptables
Share:

CORE SYSTEMS team

We build core systems and AI agents that keep operations running. 15 years of experience with enterprise IT.

All articles

More know-how

Network Segmentation

How to divide a network into security zones. VLANs, subnets, microsegmentation.

Nmap Tutorial — Network Scanning

A complete guide to Nmap. Port scanning, service detection, scripting engine.

Integrating Java applications with Active Directory

User authentication and authorization in Java EE via LDAP/Active Directory. JNDI, Spring Security.