Packet-Filtering Firewalls
When Linux is protected with a packet-filtering firewall, it is protected with a set of rules defined by the iptables command. This command can be used to check various parts of a network packet using patterns. If the pattern is matched, you can configure the iptables command to accept, reject, deny, or even forward that packet. Different sets of rules can be created for any host in a demilitarized zone (DMZ) as well as private networks behind that DMZ.
Before exploring the iptables commands that filter packets, be aware that the iptables command is frequently used to masquerade the addresses of a private IP network as a second IP address, typically a public IP address on the Internet.
In addition, any iptables rules ...
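The following is an added example, not taken from the book: a shell function that emits a ruleset in `iptables-restore` format showing the accept, reject, drop (iptables' silent deny), forward, and masquerade outcomes described above for a firewall sitting between the Internet, a DMZ, and a private network. The interface names (`eth0`, `eth1`, `eth2`) and the addresses are constructed placeholders.

```shell
#!/bin/sh
# Added example: prints a ruleset; it does not modify the running firewall.
# All interface names and addresses passed in are constructed placeholders.
build_ruleset() {
    wan_if=$1    # Internet-facing interface
    dmz_if=$2    # interface toward the DMZ
    lan_if=$3    # interface toward the private network
    lan_net=$4   # private network in CIDR form
    dmz_web=$5   # address of the DMZ web server
    cat <<EOF
*filter
# Default policy: drop any packet that no rule matches.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Accept: SSH to the firewall itself, only from the private network.
-A INPUT -i $lan_if -s $lan_net -p tcp --dport 22 -j ACCEPT
# Reject: answer ident probes with a TCP reset instead of dropping silently.
-A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Forward: Internet to the DMZ web server, ports 80 and 443 only.
-A FORWARD -i $wan_if -o $dmz_if -d $dmz_web -p tcp -m multiport --dports 80,443 -j ACCEPT
# Forward: private network out to the Internet.
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
# Drop: DMZ hosts may not open connections into the private network.
# Explicit so the rule survives a later change of the default policy.
-A FORWARD -i $dmz_if -o $lan_if -j DROP
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Masquerade: private addresses leave with the public address of $wan_if.
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
EOF
}

build_ruleset eth0 eth1 eth2 192.168.10.0/24 192.168.20.10
```

On a host with iptables installed, the output can be syntax-checked without being applied by piping it, as root, to `iptables-restore --test`.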