Summary

This chapter introduced netfilter/iptables and iproute2. Anyone building firewalls must know how and where packets are analyzed, so we introduced a diagram of how packets traverse the chains of the filter, nat, and mangle tables in netfilter.

For beginners, a first look at the iptables syntax might seem a bit difficult. An iptables rule contains the table the operation applies to (the filter table being the default), a command (append, insert, delete, list), some filtering specifications that match the packets we want, and a target (DROP, ACCEPT, REJECT, LOG) that specifies what we want to do with the packet.
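The rule anatomy just described, as an added example that is not from the book: a small Python parser that splits an iptables command line into those parts (table, command, chain, match specifications, target) and a check that flags ACCEPT rules with no source address or input interface match. The set of options it understands and the audit check are assumptions made for this example, not the chapter's.

```python
import shlex

# Command flags from the summary's list: append, insert, delete, list
COMMANDS = {"-A": "append", "-I": "insert", "-D": "delete", "-L": "list"}
# Filtering specifications handled here; each takes exactly one argument
MATCH_OPTS = {"-p", "-s", "-d", "-i", "-o", "--dport", "--sport",
              "-m", "--state", "--source", "--destination"}
SOURCE_LIMITS = {"-s", "--source", "-i"}  # matches that bound the origin

def parse_rule(line):
    """Split one iptables command line into table, command, chain,
    match specifications and target (table defaults to filter)."""
    toks = shlex.split(line)
    if not toks or toks[0] != "iptables":
        raise ValueError("not an iptables command: %r" % line)
    rule = {"table": "filter", "command": None, "chain": None,
            "matches": {}, "target": None}
    i = 1
    while i < len(toks):
        t = toks[i]
        if t in ("-t", "--table"):
            rule["table"] = toks[i + 1]
            i += 2
        elif t in COMMANDS:
            rule["command"] = COMMANDS[t]
            i += 1
            if i < len(toks) and not toks[i].startswith("-"):
                rule["chain"] = toks[i]  # chain is optional for -L
                i += 1
        elif t in ("-j", "--jump"):
            rule["target"] = toks[i + 1]
            i += 2
        elif t == "!" and toks[i + 1] in MATCH_OPTS:
            rule["matches"][toks[i + 1]] = "!" + toks[i + 2]  # negated match
            i += 3
        elif t in MATCH_OPTS:
            rule["matches"][t] = toks[i + 1]
            i += 2
        else:
            raise ValueError("unsupported option %r" % t)
    return rule

def audit(rule):
    """Flag ACCEPT rules that do not limit source address or input interface."""
    limits = [k for k in SOURCE_LIMITS if k in rule["matches"]
              and not rule["matches"][k].startswith("!")]
    if rule["target"] == "ACCEPT" and not limits:
        return ["ACCEPT without a source address or input interface match"]
    return []
```

A negated match (`! -s ...`) is recorded but does not count as a source restriction, since it widens rather than narrows what the rule accepts.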

The iproute2 package introduces two complex tools. One is ip, which can be used to set up Layer 3 communication ...

Get Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and L7-filter now with the O’Reilly learning platform.
