Linux firewalls can be difficult to configure. The commands appear complex. While the iptables command is powerful, it cannot hide the complexity of risks that Internet-connected systems face. Therefore, customized firewalls that allow users on your network the access they desire can include dozens of commands.
This annoyance includes a basic overview of the current iptables firewall tool. There are many good sources for additional information, including Purdy's Linux iptables Pocket Reference (O'Reilly). One interesting iptables web site is Ziegler's Linux Firewall and Security Site at http://www.linux-firewall-tools.com/linux, which can help you customize a firewall.
In this annoyance, we'll review the basics of iptables, show you how to prevent the "ping of death," and, finally, review the firewall configuration tools from Red Hat/Fedora, SUSE, and Debian. If you use these tools to configure your firewall, you should have no problems accessing the Internet from within your network.
Before you're overwhelmed with iptables commands, it's time for a quick review. There is a basic format associated with iptables:
iptables -t table option pattern -j target
There are two basic alternatives for a table in the -t option: nat and filter. A nat table is associated with Network Address Translation. The default is filter.
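The format above, worked through as an added example that is not part of the original text: a small shell function, explain_rule (a hypothetical name), splits an iptables argument list into table, option, pattern and target, and applies the filter default when -t is absent. It only parses text and never runs iptables; the sample rules are constructed, and only short options are handled.

```shell
# Added example: split an iptables argument list into the parts of
#   iptables -t table option pattern -j target
# Parses text only; never calls iptables. Short options only.
explain_rule() (
    table=filter                 # default table when -t is omitted
    option="" pattern="" target=""
    [ "${1:-}" = iptables ] && shift
    while [ $# -gt 0 ]; do
        case "$1" in
            -t)
                shift
                table="${1:-filter}"
                [ $# -gt 0 ] && shift
                ;;
            -j)
                shift
                target="$*"      # target name plus any target options
                break
                ;;
            -A|-C|-D|-I|-R|-L|-S|-F|-Z|-N|-X|-P|-E)
                # Command letter and its operands (chain, rule number, policy)
                option="$1"
                shift
                while [ $# -gt 0 ]; do
                    case "$1" in -*|'!') break ;; esac
                    option="$option $1"
                    shift
                done
                ;;
            *)
                pattern="${pattern:+$pattern }$1"   # match criteria
                shift
                ;;
        esac
    done
    printf 'table=%s\noption=%s\npattern=%s\ntarget=%s\n' \
        "$table" "$option" "$pattern" "$target"
)

# Constructed sample rules, not taken from the original text.
explain_rule -A INPUT -p tcp --dport 22 -j ACCEPT
explain_rule -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
explain_rule -P FORWARD DROP
```

The last sample has no pattern and no -j target: a chain policy is an operand of the -P command itself, so both fields print empty.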
I'll start by describing a basic masquerading command, which can help you configure a private network for your LAN. ...