Book description
Firewalls, Network Address Translation (NAT), network logging and accounting are all provided by Linux's Netfilter system, also known by the name of the command used to administer it, iptables. The iptables interface is the most sophisticated ever offered onLinux and makes Linux an extremely flexible system for any kind of network filtering you might do. Large sets of filtering rules can be grouped in ways that makes it easy to test them and turn them on and off.Do you watch for all types of ICMP traffic--some of them quite dangerous? Can you take advantage of stateful filtering to simplify the management of TCP connections? Would you like to track how much traffic of various types you get?This pocket reference will help you at those critical moments when someone asks you to open or close a port in a hurry, either to enable some important traffic or to block an attack. The book will keep the subtle syntax straight and help you remember all the values you have to enter in order to be as secure as possible. The book has an introductory section that describes applications,followed by a reference/encyclopaedic section with all the matches and targets arranged alphabetically.
Publisher resources
Table of contents
- Linux iptables Pocket Reference
- Dedication
-
1. Linux iptables Pocket Reference
- Introduction
-
iptables Command Reference
- Getting help
- The iptables Subcommands
-
iptables Matches and Targets
- Internet Protocol (IPv4) matches
- ACCEPT target
- ah match
- connmark Match
- CONNMARK target
- conntrack match
- DNAT target
- DROP target
- dscp match
- DSCP target
- ecn match
- ECN target
- esp match
- FTOS target
- helper match
- icmp match
- ip (Internet Protocol IPv4) matches
- iplimit match
- ipv4options match
- IPV4OPTSSTRIP target
- length match
- limit match
- LOG target
- mac match
- mark match
- MARK target
- MASQUERADE target
- multiport match
- NETLINK target
- NETMAP target
- nth match
- owner match
- pkttype match
- pool match
- POOL target
- psd (Port Scan Detector) match
- QUEUE target
- quota match
- random match
- realm match
- recent match
- record-rpc match
- REDIRECT target
- REJECT target
- RETURN target
- ROUTE target
- SAME target
- SNAT target
- state match
- string match
- tcp match
- tcpmss match
- TCPMSS target
- time match
- tos match
- TOS target
- ttl match
- TTL target
- udp match
- ULOG target
- unclean match
- Utility Command Reference
- Index
- About the Author
- Copyright
Product information
- Title: Linux iptables Pocket Reference
- Author(s):
- Release date: August 2004
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9780596005696
You might also like
book
Mastering Linux Security and Hardening - Second Edition
A comprehensive guide to securing your Linux system against cyberattacks and intruders Key Features Deliver a …
book
Linux Kernel Networking: Implementation and Theory
Linux Kernel Networking takes you on a guided in-depth tour of the current Linux networking implementation …
book
Linux Observability with BPF
Build your expertise in the BPF virtual machine in the Linux kernel with this practical guide …
book
Linux Kernel Programming
Learn how to write high-quality kernel module code, solve common Linux kernel programming issues, and understand …