Linux Security
    Linux Security
    Linux Security

    Security: Firewalls; IPtables and Rules

    Date 18 Jun 2001
    Category Firewalls
    5792
    Posted By Anthony Pell
    First you need to know how the firewall treats packets leaving, entering, or passing through your computer. Basically there is a chain for each of these paths. Any packet entering your computer goes through the INPUT chain. Any packet that your . . .
    First you need to know how the firewall treats packets leaving, entering, or passing through your computer. Basically there is a chain for each of these paths. Any packet entering your computer goes through the INPUT chain. Any packet that your computer sends out to the network goes through the OUTPUT chain. Any packet that your computer picks up on one network and sends to another goes through the FORWARD chain. The chains are half of the logic behind IPtables themselves.

    The way that IPtables work is that you set up certain rules in each of these chains that control what happens to packets of data that pass through them. For instance, if your computer were to send out a packet to www.yahoo.com in order to request an HTML page, the packet would first pass through the OUTPUT chain. The kernel would look through the rules in the chain and see if any of them match. The first one that matches will decide the outcome of that packet. If none of the rules match, then the policy of the whole chain will be the final decision maker. Then whatever reply Yahoo! sends back will pass through the INPUT chain. It's no more complicated than that.

    The link for this article located at Linux.com is no longer available. 

     

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"8","type":"x","order":"1","pct":27.59,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":20.69,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":51.72,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.