13,420
edits
Changes
no edit summary
Since Linux servers may be connected to the Internet, it is very important to run a firewall to control what comes into the computer system, what goes out of the computer system, and what may be forwarded to another computer. A utility called '''iptables''' can be used to set the firewall rules on a Linux server.
Basically, there is a list ('''chain''') of policy rules that packets must pass-through in order to handle packets. If a packet matches a rule, then an action is taken (some examples include: '''ACCEPT''', '''DROP''', '''REJECT''', or '''LOG'''). If the packet passes through the chain of rules without a match, then the packet is directed to the default policy chain (for example: ''ACCEPT, '' or ''REJECT, or DROP'').
You can create your own customized chains (which you will learn in OPS335 course) but to keep thing simple, we only deal with 3 common predefined chains: