Understanding Linux Firewalls In Network Security
In my previous article, I have talked about all that you need to know about firewall implementation in organizations. In this article, I want to talk about all that you need to know about Linux firewalls in network security. Let us look that all, that is all about in network security. Follow me as we look at that together in this article.
Linux has firewall capabilities built into the operating system. This has been a part of a Linux system for many years with occasional improvement in the technology.
IPTables
The first widely used Linux Firewalls was called IPChains. It was essentially a chain of rules for filtering traffic. It was introduced in version 2.2 of the Linux kernel and superseded the previous ipfwadm. The more modern IPTables replaced ipchains , being the primary firewall in Linux. The iptable was introduced in Linux kernel 2.4.
On most Linux systems, IPtables is installed as usr/sbin/iptables. However, if it is not included i n your own installation, you can add it later.
An iptable firewall is made up of three different kinds of objects: tables, chains, and rules. Basically, the table contains a chain of rules. In other words, iptables is an extension of ipchains. Each chain has a series of rules that define how to filter packets. There are usually three tables. Each table has a standard rule chain in it. You are also allowed to add your own rules.
The three tables and their standards are as follows:
#1 Packet Filtering
This table is an essential part of the firewall. It is a packet filtering firewall and it contains three standard chains: INPUT, OUTPUT, and FORWARD. The OUTPUT chain processes sent traffic out from the machine. The INPUT chain processes process incoming traffic. If the firewall system is also acting as a router, only the FORWARD chain applies to routed packets.
#2 Network Address Translation
This table is used for performing Network Address Translation on outbound traffic that initiates a new connection. This is used only if your machine serves as a gateway or proxy server.
#3 Packet alteration
Iptables require certain configurations. You can do it through the Graphic User Interface(KDE, GNOME) but the shell commands are common to most distributions. Let’s take a look at some of the most common configurations:
To cause iptables to function as a basic packet filtering firewalls, you need these commands:
iptables -F
iptables -N blocks
iptables -A blocks -m state -state ESTABLISHED, RELATED -j ACCEPT
Obviously, this is the most basic and essential iptable configuration. However, here are some other ones.
To list the current IPTABLE rules, use:
iptables -L
To allow communication on specific ports, SSH port 22 and HTTP Port 80, use:
iptables- A INPUT -p tcp -dport ssh -j ACCEPT
iptables- A INPUT -p tcp -dport 80 -j ACCEPT
Now Tell Us Your Own Side Of This Story.
We would also like to hear what you feel about the topic we discussed today. Your feedback is very important to us. Feel free to drop your comments and recommendations. If you have a contrary opinion, you can drop that too.
You can also become part of our Facebook Page CRMNigeria for more updates. You can do that by clicking on the link or searching for our page on Facebook.
You can also become part of our WhatsApp Group Here.
Enjoy Latest Music From across the globe. Download TubeNaira.