2. Goals of Presentation
• History of the Linux firewall
• Introduction to iptables
• Stateful inspection
• Address translation
• Packet mangling
• Logging
• Protection
4. Introduction to iptables
• Netfilter Module
• Kernel based
• Examines packets
• Runs on low computing power
• Built-in iptables chains: INPUT, OUTPUT and FORWARD
6. Address Translation
• Network Address Translation (NAT)
• Transforms IP addresses
• Most common use is Masquerading
• iptables targets: DNAT, SNAT, REDIRECT
7. Packet Mangling
• Change/modify packets
• Example: prioritize traffic with TOS
• TOS options
• iptables chains: PREROUTING, POSTROUTING
10. Basic commands and tricks
• Create new chains
• Rules
• Make bash scripts to simplify your job!
11. Protection
• Protection against IP spoofing
• Make sure all NEW TCP packets are SYN
• SYN flood protection / DoS protection
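The three protections on this slide, written as the kind of small shell script the previous slide recommends. This is an added example, not taken from the original presentation; the interface name eth0, the chain name SYN_FLOOD, the file name protect.sh and the rate values are assumptions.

```shell
#!/bin/sh
# Added example: prints iptables commands for the three protections above.
# Review the output, then apply it as root:  sh protect.sh --print | sh
# Apply before any ACCEPT rules are appended, since -A adds to the chain end.

WAN_IF="${WAN_IF:-eth0}"            # assumed Internet-facing interface
SYN_RATE="${SYN_RATE:-10/second}"   # sample sustained rate of new connections
SYN_BURST="${SYN_BURST:-20}"        # sample burst allowance

protection_rules() {
    echo "# 1. IP spoofing: loopback and RFC 1918 sources cannot legitimately"
    echo "#    arrive on an interface that faces the public Internet."
    for net in 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        echo "iptables -A INPUT -i $WAN_IF -s $net -j DROP"
    done
    cat <<EOF
# 2. A connection that conntrack sees as NEW must start with a SYN.
iptables -A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
# 3. SYN flood: SYNs within the rate return to INPUT, the excess is
#    logged (itself rate-limited) and dropped.
iptables -N SYN_FLOOD
iptables -A INPUT -p tcp --syn -j SYN_FLOOD
iptables -A SYN_FLOOD -m limit --limit $SYN_RATE --limit-burst $SYN_BURST -j RETURN
iptables -A SYN_FLOOD -m limit --limit 6/minute -j LOG --log-prefix "SYN flood: "
iptables -A SYN_FLOOD -j DROP
EOF
}

# Print the rules only when asked, so the file can also be sourced.
case "${1:-}" in
    --print) protection_rules ;;
esac
```

The limit match is one global bucket, so during a flood it throttles legitimate new connections too; treat it as a backstop alongside the kernel's SYN cookies (net.ipv4.tcp_syncookies).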
12. Summary
• First developed for Linux by Alan Cox
• iptables developed by Rusty Russell
• States to run your iptables firewall on
• Commands and Tricks
• Protection