A firewall monitors incoming and outgoing network traffic and filters packets based on rules. A Linux firewall uses iptables to define rules for inbound and outbound traffic. Rules can allow or deny traffic by source, destination, and protocol. Network address translation (NAT) with iptables performs IP masquerading to hide private IP addresses and enable outbound internet access.
2. WHAT IS A FIREWALL?
• A firewall is anything, hardware or software, that monitors the packets of digital information that attempt to cross the perimeter of a network.
• Firewalls perform two basic security functions:
  • Packet filtering (of network traffic)
  • Application proxy
3. FIREWALL SECURITY FEATURES
Some firewall manufacturers add features such as:
• Logging unauthorized access attempts into or out of the network
• Providing a VPN link to another network
• Authenticating users
• Shielding hosts inside the network from hackers
• Caching data
• Filtering content considered inappropriate or dangerous
4. FIREWALL COMPONENTS
• Packet filter
• Proxy server
• Authentication system
• Software that performs Network Address Translation (NAT)
• Some firewalls:
  • Can encrypt traffic
  • Help establish VPNs
  • Come packaged in a hardware device that also functions as a router
  • Make use of a bastion host
5. TYPES OF FIREWALL
• Client firewall
  • Example: Windows Firewall
  • Protects a single computer
• Network firewall
  • Sits between a private network and a public network
  • Also provides VPN, routing, . . .
  • Applies its own set of rules to each network it connects
6. NETWORK TRAFFIC
• Inbound traffic
• Outbound traffic
[Figure: a source host (the requester, "my service": my internal network or my PC) sends "ping 192.168.0.1" over ICMP to a destination host (the replier, "his service"). The same packet is outbound traffic for the requester and inbound traffic for the replier.]
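The ping scenario in the figure, written as iptables rules for the requesting machine. This is an added example, not part of the slides: the addresses (MY_PC as the requester's own address, TARGET as the host being pinged), the APPLY switch and the use of the conntrack match are all assumptions of the example. It shows why the same ping is handled by different chains depending on which side you stand on: the echo-request leaves through OUTPUT, the echo-reply comes back through INPUT, and an unsolicited echo-request from elsewhere is also INPUT traffic.

```shell
#!/bin/sh
# Added example, not from the slides: the ping scenario of slide 6 expressed as
# iptables rules for the requesting machine ("my PC"). Assumed addresses:
# MY_PC is the requester, TARGET the host being pinged (192.168.0.1 as on the slide).
# Commands are printed for review unless APPLY=1 is set; applying needs root on Linux.
IPT="${IPT:-iptables}"
MY_PC="${MY_PC:-192.168.0.254}"   # assumption: address of my PC
TARGET="${TARGET:-192.168.0.1}"   # host being pinged, from the slide

# Print the iptables command (dry run) or execute it (APPLY=1).
run() {
  if [ "${APPLY:-0}" = "1" ]; then "$IPT" "$@"; else printf '%s\n' "$IPT $*"; fi
}

# Direction is relative to the host holding the rules:
#  - my echo-request is OUTBOUND for my PC, so it is matched in the OUTPUT chain;
#  - the echo-reply coming back is INBOUND for my PC, so it is matched in INPUT;
#  - an echo-request from someone else pinging me is also INBOUND, and is dropped.
# The reply is accepted only when conntrack knows it answers a request I sent,
# which is tighter than accepting all inbound ICMP.
ping_rules() {
  run -A OUTPUT -s "$MY_PC" -d "$TARGET" -p icmp --icmp-type echo-request -j ACCEPT
  run -A INPUT -s "$TARGET" -d "$MY_PC" -p icmp --icmp-type echo-reply \
      -m conntrack --ctstate ESTABLISHED -j ACCEPT
  run -A INPUT -d "$MY_PC" -p icmp --icmp-type echo-request -j DROP
}

# Number of commands ping_rules would issue, always counted in dry-run mode.
ping_rule_count() { (APPLY=0; ping_rules) | wc -l | tr -d ' '; }

ping_rules
```

Run it as-is to review the three commands; run it with APPLY=1 as root to load them. Note that the DROP rule would also block a `ping` of this PC from the rest of the LAN, which is the behaviour the slide's inbound DROP rules aim for.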
14. LINUX IPTABLES FIREWALL
Client firewall (iptables): list the rules of a chain
# iptables -L INPUT    (the INPUT chain holds the rules for inbound traffic)
# iptables -L OUTPUT   (the OUTPUT chain holds the rules for outbound traffic)
15. LINUX IPTABLES FIREWALL
Append INBOUND rules in iptables (client firewall)
-A appends to a chain, -s is the source, -d is the destination, -p is the protocol and -j is the jump target:
# iptables -A INPUT -s 192.168.0.1 -d 192.168.0.254 -p ICMP -j DROP
# iptables -A INPUT -s 192.168.0.0/24 -d 192.168.0.254/32 -p ICMP -j DROP
# iptables -L INPUT
# service iptables save
# service iptables start
Delete a rule by its line number in the chain (here, rule 1 of INPUT):
# iptables -D INPUT 1
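Managing the rules that slides 14 and 15 create: finding a rule's number in the listing and removing it safely. This is an added example, not code from the slides. The listing it parses is a constructed sample in the format of `iptables -L INPUT -n --line-numbers` (the two DROP rules from slide 15 plus an assumed SSH rule); on a real host you would pipe the live command output in instead. The APPLY switch and the function names are the example's own.

```shell
#!/bin/sh
# Added example, not from the slides: managing the INPUT rules from slides 14 and 15.
# The listing below is a constructed sample in the format of
# `iptables -L INPUT -n --line-numbers`; on a real host pipe that command in instead.
# Commands are printed for review unless APPLY=1 is set; applying needs root on Linux.
IPT="${IPT:-iptables}"

# Print the iptables command (dry run) or execute it (APPLY=1).
run() {
  if [ "${APPLY:-0}" = "1" ]; then "$IPT" "$@"; else printf '%s\n' "$IPT $*"; fi
}

# Constructed sample: the INPUT chain after the two appends on slide 15, plus an
# assumed SSH rule (iptables prints a /32 destination without the mask).
SAMPLE_LISTING=$(cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       icmp --  192.168.0.1          192.168.0.254
2    DROP       icmp --  192.168.0.0/24       192.168.0.254
3    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
EOF
)

# Read a listing on stdin and print the number of the first rule whose
# target ($2) and source ($5) columns match; header lines have no numeric $1.
rule_number_for() {
  awk -v tgt="$1" -v src="$2" \
    '$1 ~ /^[0-9]+$/ && $2 == tgt && $5 == src { print $1; exit }'
}

# Simulate the listing after `iptables -D INPUT N`: rule N is gone and every
# later rule moves up by one. This is why running "-D INPUT 1" twice removes
# two different rules, and why numbers taken from an old listing go stale.
listing_after_delete() {
  awk -v n="$1" '
    $1 !~ /^[0-9]+$/ { print; next }
    $1 == n          { next }
    $1 > n           { $1 = $1 - 1 }
    { print }'
}

# Deleting by the full rule specification is unambiguous: iptables removes the
# first rule matching that exact specification, whatever its current number.
delete_icmp_drop() {
  run -D INPUT -s "$1" -d "$2" -p icmp -j DROP
}

# Walk-through in dry-run mode.
num=$(printf '%s\n' "$SAMPLE_LISTING" | rule_number_for DROP 192.168.0.0/24)
echo "subnet DROP rule is currently number $num"
after=$(printf '%s\n' "$SAMPLE_LISTING" | listing_after_delete 1 \
        | rule_number_for DROP 192.168.0.0/24)
echo "after deleting rule 1 it would be number $after"
delete_icmp_drop 192.168.0.0/24 192.168.0.254/32
```

Prefer deleting by specification in scripts, and refresh the listing with `--line-numbers` right before any delete by number. `service iptables save` is the SysV-init way of persisting rules on older RHEL/CentOS systems; `iptables-save` prints the current ruleset on any distribution and is useful for reviewing what is actually loaded.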