The 2.4 kernel of Linux includes netfilter, a framework for building firewalls. Many recent Linux distributions, such as Red Hat 7.1, ship with basic firewall rulesets that let you choose a low, medium, or high security firewall during installation. Those canned rulesets rarely fit your needs exactly, so you need to understand how to create custom rulesets. A ruleset is a group of firewall rules that tell the firewall what to do with a packet. When the firewall receives a packet, it walks the rules of the relevant chain in order looking for a match; the first rule that matches and has a terminating target (ACCEPT, DROP, or REJECT) decides the packet's fate, and later rules are never consulted. If no rule matches, the chain's policy decides. There is no implied drop: the policy of a built-in chain is ACCEPT until you change it, so a sound ruleset sets the INPUT and FORWARD policies to DROP explicitly and then permits only the traffic you actually want. Packets that match no rule are then denied by policy rather than by accident.

How do you use netfilter to build a firewall? Netfilter itself is a set of hooks in the kernel's network stack; several modules plug into those hooks to filter, rewrite, or track packets. The most commonly used is iptables. It organizes rules into tables (filter, nat, and mangle), each table into chains, and each chain into an ordered list of rules. A rule pairs a match (protocol, port, source or destination address, connection state, and so on) with a target that says what to do with a matching packet. The filter table's built-in chains are INPUT, OUTPUT, and FORWARD; you can also create your own chains and jump to them from the built-in ones. Iptables replaces the ipchains program found in the 2.2 kernel (which in turn replaced ipfwadm from 2.0).
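The following is an added example, not code from the original article, of the custom ruleset described above. It emits a minimal host firewall in the format read by iptables-restore: explicit DROP policies on INPUT and FORWARD, loopback allowed, replies to connections the host itself opened allowed via the state match, SSH allowed only from an administrative network, and everything else logged (rate-limited) before the policy drops it. The administrative network 192.0.2.0/24 is an assumed placeholder from the RFC 5737 documentation range; the generator writes the ruleset to standard output instead of loading it so it can run without root.

```shell
#!/bin/sh
# Added example (not from the original article): generate a custom
# iptables ruleset in iptables-restore format.
#
# Rule order matters: a packet is compared against the rules top to
# bottom and the first terminating match (ACCEPT/DROP/REJECT) wins,
# so the cheap, broad "established" rule sits near the top and the
# LOG rule sits last, just before the chain policy takes over.

# gen_ruleset ADMIN_NET
#   ADMIN_NET: CIDR block allowed to open SSH sessions (assumed value,
#   RFC 5737 documentation range in the usage below).
gen_ruleset() {
    admin_net="$1"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -p tcp --dport 22 -s ${admin_net} -m state --state NEW -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: "
COMMIT
EOF
}

# count_rules ADMIN_NET: number of -A rules in the generated ruleset,
# handy for a sanity check before loading.
count_rules() {
    gen_ruleset "$1" | grep -c '^-A '
}

# Usage: write the ruleset for the assumed admin network to stdout.
gen_ruleset "${1:-192.0.2.0/24}"
```

To load the output on a 2.4-era or current system, save it to a file and run `iptables-restore < host.rules` as root, then verify with `iptables -L INPUT -n -v --line-numbers`, which shows each rule with its position and packet counters; the counters tell you whether traffic is hitting the rule you expect or falling through to the policy. Note that `-m state` is the connection-tracking match of the 2.4 kernel; newer iptables also accepts `-m conntrack --ctstate` for the same job.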

Additional References

The link for this article located at Linux Business Week Magazine is no longer available.