Optimized Example
In the example that follows, the shell variables and kernel-level protection services are the same as those listed in the example in Chapter 4. One new variable is declared, USER_CHAINS, which contains the names of all the user-defined chains used in the script.
User-Defined Chains in the Script
The chains are listed here:
tcp-state-flags: Contains the rules to check for invalid TCP state flag combinations.
connection-tracking: Contains the rules to check for the state-related matches INVALID, ESTABLISHED, and RELATED.
source-address-check: Contains the rules to check for illegal source addresses.
destination-address-check: Contains the rules to check for illegal destination addresses.
EXT-input: Contains the interface-specific ...
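The following sketch is an added example, not the book's script: it shows how a USER_CHAINS variable can drive the declaration of the first four chains listed above and emits the result in iptables-restore format instead of touching the live firewall. The chain names come from the list; EXT_IF, the flag combinations, the address lists, the conntrack match, and the undeclared_targets helper are assumptions chosen for illustration, and the source-address rules assume the external interface holds a public address.

```shell
#!/bin/sh
# Added example: prints a ruleset for iptables-restore; it changes nothing itself.
EXT_IF="${EXT_IF:-eth0}"   # assumed external interface name
USER_CHAINS="tcp-state-flags connection-tracking source-address-check destination-address-check"

build_ruleset() {
    # OUTPUT is left open only because this sketch covers the input path.
    printf '%s\n' "*filter" ":INPUT DROP [0:0]" ":FORWARD DROP [0:0]" ":OUTPUT ACCEPT [0:0]"
    # Declare every user-defined chain once, driven by USER_CHAINS.
    for chain in $USER_CHAINS; do
        printf '%s\n' ":$chain - [0:0]"
    done
    # tcp-state-flags: flag combinations a conforming TCP stack never sends.
    for flags in "ALL NONE" "SYN,FIN SYN,FIN" "SYN,RST SYN,RST" "FIN,RST FIN,RST" \
                 "ACK,FIN FIN" "ACK,PSH PSH" "ACK,URG URG"; do
        printf '%s\n' "-A tcp-state-flags -p tcp --tcp-flags $flags -j DROP"
    done
    # connection-tracking: drop INVALID, accept traffic for known connections.
    printf '%s\n' "-A connection-tracking -m conntrack --ctstate INVALID -j DROP" \
                  "-A connection-tracking -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # source-address-check: private, loopback and multicast sources (constructed list).
    for net in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 127.0.0.0/8 224.0.0.0/4; do
        printf '%s\n' "-A source-address-check -s $net -j DROP"
    done
    # destination-address-check: destinations that should never arrive from outside.
    for net in 0.0.0.0/32 127.0.0.0/8; do
        printf '%s\n' "-A destination-address-check -d $net -j DROP"
    done
    # Built-in INPUT chain dispatches to the user-defined chains in order.
    printf '%s\n' "-A INPUT -i lo -j ACCEPT" \
                  "-A INPUT -p tcp -j tcp-state-flags" \
                  "-A INPUT -j connection-tracking" \
                  "-A INPUT -i $EXT_IF -j source-address-check" \
                  "-A INPUT -i $EXT_IF -j destination-address-check" \
                  "COMMIT"
}

# Reads a ruleset on stdin and prints any jump target that was never declared,
# which is what happens when a chain is used but left out of USER_CHAINS.
undeclared_targets() {
    awk '/^:/  { declared[substr($1, 2)] = 1 }
         /^-A/ { for (i = 1; i < NF; i++) if ($i == "-j") used[$(i + 1)] = 1 }
         END   { for (t in used)
                     if (!(t in declared) && t != "DROP" && t != "ACCEPT") print t }'
}

build_ruleset
```

The output can be checked without loading it by piping it to `iptables-restore --test` as root.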