
configuring-firewalls · listed

Configure host-based firewalls (iptables, nftables, UFW) and cloud security groups (AWS, GCP, Azure) with practical rules for common scenarios like web servers, databases, and bastion hosts. Use when exposing services, hardening servers, or implementing network segmentation with defense-in-depth strategies.
ancoleman/ai-design-components · ★ 368 · Web & Frontend · score 80
Install: claude install-skill ancoleman/ai-design-components
# Configuring Firewalls

## Purpose

Guide engineers through configuring firewalls across host-based (iptables, nftables, UFW), cloud-based (AWS Security Groups, NACLs), and container-based (Kubernetes NetworkPolicies) environments with practical rule examples and safety patterns to prevent lockouts and security misconfigurations.

## When to Use This Skill

**Trigger Phrases:**
- "Configure firewall for [server/service]"
- "Set up security groups for [AWS resource]"
- "Allow port [X] through firewall"
- "Block IP address [X.X.X.X]"
- "Set up UFW on Ubuntu server"
- "Create iptables/nftables rules"
- "Configure bastion host firewall"
- "Implement egress filtering"

**Common Scenarios:**
- Initial server setup and hardening
- Exposing a new service (web server, API, database)
- Implementing network segmentation
- Creating bastion host or jump box
- Migrating from iptables to nftables
- Configuring cloud security groups
- Troubleshooting connectivity issues

## Decision Framework: Which Firewall Tool?

### Cloud Environments

**AWS:**
- Instance-level control → **Security Groups** (stateful, allow-only rules)
- Subnet-level enforcement → **Network ACLs** (stateless, allow + deny rules)
- Use both for defense-in-depth

**GCP:**
- Use **VPC Firewall Rules** (stateful, priority-based)

**Azure:**
- Use **Network Security Groups** (NSGs) (stateful, priority-based)

### Host-Based Linux Firewalls

**Ubuntu/Debian + Simplicity:**
- Use **UFW** (Uncomplicated Firewall) - recommended f