In server computing, a network interface refers to a hardware or software component that enables communication between the server and a network. It serves as the interface or connection point between the server and the network infrastructure, allowing the server to send and receive data over the network.

iptables is a powerful and flexible firewall management tool in Linux. If you want to block connections to specific network interfaces using iptables, you can use rules to filter incoming and outgoing traffic.

Here are some general steps to block connections to a network interface in Linux

Identify the Network Interface

First, identify the network interface you want to block. You can use the ip command to list the available network interfaces:

ip a

The ip a command displays information about network interfaces on a Linux system. The output typically looks like the following:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 12:34:56:78:90:ab brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::3456:7890:ab%eth0/64 scope link 
       valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether de:ad:be:ef:12:34 brd ff:ff:ff:ff:ff:ff

In this example:

• lo is the loopback interface.
• eth0 is an Ethernet interface with the IP address 192.168.1.2.
• wlan0 is a wireless interface currently in the DOWN state.

If you want to display only the network interfaces and their statuses without the detailed information, you can use the ip command with the link option. Here’s the command:

ip link show

This command will output a simpler list that includes only the network interface names and their states. For example:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DORMANT group default qlen 1000

In this output, you can see the interface names (lo, eth0, wlan0) and their respective states (UP, UP, DOWN).

Install iptables (if not installed):

First, you need to check if iptables is installed

iptables --version

The following would be the output of the above command:

root@ubuntu-c-4-8gib-nyc3-01:~# iptables --version
iptables v1.8.7 (nf_tables)

If it’s not installed, you can run the following command;

sudo apt install iptables

Block Incoming Connections

Use the following command to block incoming connections to a specific network interface. Replace INTERFACE_NAME with the actual name of your network interface:

sudo iptables -A INPUT -i INTERFACE_NAME -j DROP

This rule appends (-A) a DROP action for incoming traffic (INPUT) on the specified network interface (-i INTERFACE_NAME).

Block Outgoing Connections

If you also want to block outgoing connections on the specified network interface, use a similar command with the -o option:

sudo iptables -A OUTPUT -o INTERFACE_NAME -j DROP

This rule appends a DROP action for outgoing traffic (OUTPUT) on the specified network interface (-o INTERFACE_NAME).

Save Changes

To make sure your changes persist across reboots, save the iptables rules. The method varies based on your distribution.

On Debian/Ubuntu-based systems:

 sudo service iptables-persistent save 

On Red Hat/CentOS systems:

sudo service iptables save

Verify Rules

Check the current iptables rules to verify that the blocking rules have been applied:

sudo iptables -L

. If you’ve blocked connections to network interfaces using iptables, the output may include entries similar to the following:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere             /* Block incoming on eth0 */
DROP       all  --  anywhere             anywhere             /* Block incoming on wlan0 */

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere             /* Block outgoing on eth0 */
DROP       all  --  anywhere             anywhere             /* Block outgoing on wlan0 */

Undo Changes (if needed)

If you want to remove the blocking rules, you can use the following commands:

sudo iptables -D INPUT -i INTERFACE_NAME -j DROP
sudo iptables -D OUTPUT -o INTERFACE_NAME -j DROP

These commands delete (-D) the specified rules from the INPUT and OUTPUT chains.