Whether you’re running a host-based firewall and are only concerned about services connecting to your system, or a multi-homed firewall handling VPNs, DMZs, and internal networks, knowing how to cleanly process basic protocols and services is imperative. This chapter should serve as a guide to creating rules for simple services that might not be covered in other chapters in this book and provide the basics to implement those rules effectively.
In nearly every rule we use in this section, you will note that we use “$IPTABLES” instead of “iptables.” This is to ease the integration of these examples into scripts. The default on Red Hat systems is to place iptables in /sbin/iptables. You might or might not use ...
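
An added example, not taken from the book: a script preamble that resolves the binary once into `$IPTABLES` and routes every rule through it. The `/usr/sbin/iptables` fallback, the `DRY_RUN` switch, the helper names and the sample rule set are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: set $IPTABLES once, then reference it in every rule.

# Print the first candidate that is an executable file; fail if none is.
find_iptables() {
    for candidate in "$@"; do
        if [ -f "$candidate" ] && [ -x "$candidate" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    return 1
}

# Run one rule, or only print it when DRY_RUN=1 (the default in this example).
ipt() {
    if [ "${DRY_RUN:-1}" = "1" ]; then
        printf '%s %s\n' "$IPTABLES" "$*"
    else
        "$IPTABLES" "$@"
    fi
}

# Constructed host-firewall baseline: allow loopback, return traffic and new
# SSH connections, then set the default-deny policy last so a remote session
# is not cut off while the rules are still loading.
load_rules() {
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
    ipt -P INPUT DROP
}

# /sbin/iptables is the Red Hat default named in the text; the second path is
# an assumed fallback for other distributions. An IPTABLES value already set
# in the environment takes precedence.
IPTABLES=${IPTABLES:-$(find_iptables /sbin/iptables /usr/sbin/iptables || true)}
if [ -z "$IPTABLES" ]; then
    echo "iptables binary not found; set IPTABLES explicitly" >&2
else
    load_rules
fi
```

Review the printed rules first, then run the script with `DRY_RUN=0` as root to apply them.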