Difference between revisions of "OPS535 Linux Firewall Review"
m |
(→Concepts) |
||
Line 2: | Line 2: | ||
* Text book: Chapter 13 | * Text book: Chapter 13 | ||
= Concepts = | = Concepts = | ||
− | * Netfilter | + | * Netfilter/iptables with iptables(legacy) |
− | * iptables | + | * Netfilter/nftables with iptables(nt_tables) |
− | * firewall | + | * firewall with firewalld (front end for netfilter/iptables and netfilter/nftables) |
+ | |||
= Command line tools = | = Command line tools = | ||
* iptables | * iptables |
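Review bot: In the second added Concepts bullet, `iptables(nt_tables)` looks like a typo for `nf_tables`, the backend name that the nftables-based iptables binary prints in its version string. Suggest `Netfilter/nftables with iptables (nf_tables)`, and a space before the parenthesis in `iptables(legacy)` as well so the two bullets read the same way.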
Revision as of 01:20, 17 January 2021
- Textbook: Chapter 13
Concepts
- Netfilter/iptables with iptables (legacy)
- Netfilter/nftables with iptables (nf_tables)
- firewall with firewalld (front end for netfilter/iptables and netfilter/nftables)
Command line tools
- iptables
- ip6tables
- arptables
- ebtables
- nft
iptables
- raw table
  - PREROUTING chain
  - OUTPUT chain
- mangle table
  - PREROUTING
  - INPUT
  - FORWARD
  - OUTPUT
  - POSTROUTING
- nat table
  - PREROUTING
  - INPUT
  - OUTPUT
  - POSTROUTING
- filter table
  - INPUT
  - FORWARD
  - OUTPUT
- security table
  - INPUT
  - FORWARD
  - OUTPUT
rules
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
         |---------------|  |---------------| |--------|
          where and when     match spec.       action
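
The rule anatomy above, tied to the table and chain list, as an added example that is not part of the original course page: a Python function, `split_rule` (a hypothetical name), splits an `iptables -A` command into where and when, match spec and action, and rejects a built-in chain name used with a table that does not have it. It assumes the `-A` form only and that `-j` and its options come last, as in the rule above.

```python
import shlex

# Built-in chains per table, as listed in the outline above.
BUILTIN_CHAINS = {
    "raw": {"PREROUTING", "OUTPUT"},
    "mangle": {"PREROUTING", "INPUT", "FORWARD", "OUTPUT", "POSTROUTING"},
    "nat": {"PREROUTING", "INPUT", "OUTPUT", "POSTROUTING"},
    "filter": {"INPUT", "FORWARD", "OUTPUT"},
    "security": {"INPUT", "FORWARD", "OUTPUT"},
}
ALL_BUILTIN = set().union(*BUILTIN_CHAINS.values())


def split_rule(command):
    """Split `iptables [-t TABLE] -A CHAIN <match> -j TARGET` into its parts."""
    tokens = shlex.split(command)
    if len(tokens) < 2 or tokens[0] != "iptables":
        raise ValueError("expected an iptables command")
    # filter is the table iptables uses when -t is not given.
    table, chain, match, action = "filter", None, [], []
    i = 1
    while i < len(tokens):
        tok = tokens[i]
        if tok in ("-t", "--table", "-A", "--append"):
            if i + 1 >= len(tokens):
                raise ValueError(f"{tok} needs an argument")
            if tok in ("-t", "--table"):
                table = tokens[i + 1]
            else:
                chain = tokens[i + 1]
            i += 2
        elif tok in ("-j", "--jump"):
            # Assumption: the target and its options come last.
            action = tokens[i:]
            break
        else:
            match.append(tok)
            i += 1
    if table not in BUILTIN_CHAINS:
        raise ValueError(f"unknown table {table!r}")
    if chain is None or len(action) < 2:
        raise ValueError("rule needs -A CHAIN and -j TARGET")
    # A built-in chain name is valid only in the tables that have it;
    # any other name is treated as a user-defined chain.
    if chain in ALL_BUILTIN and chain not in BUILTIN_CHAINS[table]:
        raise ValueError(f"table {table!r} has no {chain} chain")
    return {"table": table, "chain": chain, "match": match, "action": action}


if __name__ == "__main__":
    print(split_rule("iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT"))
```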