9
edits
Changes
no edit summary
=== Investigation 8: How do I view and configure the IPTABLES firewall? -- Basic Function/Configuration ===
Essentially, Iptables is a list of rules. Each rule is placed into a particular chain and when data is sent into, out of or through a PC the data is checked against these rules. If the data matches a particular rule, it then must “jump” to a condition. Simple conditions include ACCEPT, DROP and LOG but there are also more complex conditions that can be applied and there is even the option to create your own conditions.
Iptables consists of three chains of rules – INPUT, OUTPUT and FORWARD. Here as brief explanation of these chains.
'''OUTPUT''' – When you want to do some research on the Web for something, you open a browser on your PC and navigate to http://www.google.ca. When you do you are attempting to establish an HTTP or HTTP session with the web server at http://www.google.ca. A data packet is built with apprpriate IP and TCP information and sent out of your computer but before it goes out to the Internet it will be compared to all of the rules in the OUTPUT chain to see if this data is allowed to go “out” of the PC. If it is not allowed then the packet is dropped.
'''INPUT''' – If your data was allowed out and a request was sent to http://www.google.ca, this web server will send data back to your PC with an acknowledgement. Before this data can be processed by your browser, it must first be checked against the INPUT chain to see if it is allowed into the PC. If it is, your browser will process the data and move to it's next task. If it is not, the packet will be dropped.
'''FORWARD''' – LINUX PC's are often used as routers or gateways for other PC's. This means that data may have to be passed through this LINUX box, but the data is not intended for the LINUX PC nor is it being sent by the LINUX PC. Even though the data will go into this PC and it will exit this PC, the INPUT and OUTPUT chains do not apply here. Because the PC is acting as a router it does not actually send or receive data, it FORWARDS data from one machine to another. When this process happens, the data is checked against the FORWARD chain to see if it is allowed through. If it is the router will forward the data to it's destination. If not, the packet is dropped.}}
Iptables consists of three chains of rules – INPUT, OUTPUT and FORWARD. Here as brief explanation of these chains.