Linux IPtables

Firewalls are tools that can protect an OS. Linux has iptables and firewalld, both of which hold and manage firewall rules. Essentially, the systems administrator configures iptables and firewalld to reject or accept traffic. While you are not expected to be able to configure a system, read this article to see how iptables can control incoming or outgoing traffic. Why does the order of the rules matter?

Configure a locked-down customer kiosk using iptables

I'm sure you've seen kiosks—they're the tablets, touchscreens, and ATM-like PCs in a box that airports, libraries, and businesses leave lying around, inviting customers and passersby to browse content. The thing about most kiosks is that you don't usually want users to make themselves at home and treat them like their own devices. They're not generally meant for browsing, viewing YouTube videos, or launching denial-of-service attacks against the Pentagon. So to make sure they're not misused, you need to lock them down.

One way is to apply some kind of kiosk mode, whether it's through clever use of a Linux display manager or at the browser level. But to make sure you've got all the holes plugged, you'll probably also want to add some hard network controls through a firewall. In the following section, I'll describe how I would do it using iptables.

There are two important things to remember about using iptables: The order you give your rules is critical, and by themselves, iptables rules won't survive a reboot. I'll address those here one at a time.
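Why rule order is critical, shown as an added example that is not from the original article: a simplified Python model of first-match rule evaluation (a model, not iptables itself) that runs the same three kiosk rules in two orders and flags any rule that can never fire. The rule set, the documentation-range addresses and all names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    target: str                      # "ACCEPT" or "DROP"
    proto: Optional[str] = None      # None matches any protocol
    dport: Optional[int] = None      # None matches any destination port
    dst: str = "0.0.0.0/0"           # destination network in CIDR form

    def matches(self, proto, dport, dst_ip):
        return ((self.proto is None or self.proto == proto)
                and (self.dport is None or self.dport == dport)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst))

    def covers(self, other):
        """True if every packet matched by `other` is also matched by self."""
        return ((self.proto is None or self.proto == other.proto)
                and (self.dport is None or self.dport == other.dport)
                and ipaddress.ip_network(other.dst).subnet_of(ipaddress.ip_network(self.dst)))

def verdict(chain, proto, dport, dst_ip, policy="ACCEPT"):
    """First matching rule decides; the chain policy applies only if none match."""
    for rule in chain:
        if rule.matches(proto, dport, dst_ip):
            return rule.target
    return policy

def shadowed(chain):
    """Return (index, rule) pairs that can never fire because an earlier rule covers them."""
    return [(i, r) for i, r in enumerate(chain)
            if any(earlier.covers(r) for earlier in chain[:i])]

# Constructed kiosk policy: HTTPS to one permitted site, no other web traffic.
ALLOW_SITE = Rule("ACCEPT", "tcp", 443, "203.0.113.10/32")
DROP_HTTP = Rule("DROP", "tcp", 80)
DROP_HTTPS = Rule("DROP", "tcp", 443)

GOOD_ORDER = [ALLOW_SITE, DROP_HTTP, DROP_HTTPS]   # specific exception first
BAD_ORDER = [DROP_HTTP, DROP_HTTPS, ALLOW_SITE]    # exception appended after the blanket drops

if __name__ == "__main__":
    for name, chain in (("good", GOOD_ORDER), ("bad", BAD_ORDER)):
        print(name, verdict(chain, "tcp", 443, "203.0.113.10"), shadowed(chain))
```

In the second ordering the blanket HTTPS drop matches first, so the permitted site is blocked and the accept rule is reported as shadowed.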