Complete Reference of Firewalls in Linux Security

  • Introduction to Firewalls
  • IP Tables
  • Dedicated Linux Firewalls

Introduction to Firewalls

  • Firewalls protect network perimeters
  • Not a total security solution, but an important part of a defense-in-depth strategy
  • Firewalls act as traffic cops
  • Only traffic that meets specific requirements is allowed to pass through
  • Can filter on port, protocol, address, or established connection
  • Higher-level firewalls also filter on packet contents (application-level firewalls)
  • Linux has several built-in firewall capabilities:
      • Can act as a host-based firewall
      • Can act as a dedicated enterprise-level firewall
      • Can take advantage of older, recycled hardware
  • Built-in firewalls include IPChains and IPTables
  • Dedicated firewalls include IPCop and Smoothwall

IPTables

  • Replaces the older IPChains firewall in Linux
  • Available since the 2.4 kernel
  • Allows configuration of built-in firewall rules for host-based protection
  • Stateful packet-filtering firewall
  • Can filter based upon source IP address, protocol, port, and connection state
  • Can filter based upon MAC address
  • Can also filter out malformed packets based upon the TCP flags set in the packet
  • Packets enter the host and are processed through one of 3 ‘tables’:
      • ‘mangle’ table – responsible for changing QoS bits in the packet
      • ‘filter’ table – contains 3 ‘chains’ used to process traffic
      • ‘nat’ table – used to change a packet’s source or destination address when using NAT
  • The ‘nat’ table has 2 chains:
      • PREROUTING (changes the destination address)
      • POSTROUTING (changes the source address)
  • Packets entering the ‘filter’ table go through one of 3 ‘chains’, chosen by where the packet is headed:
      • INPUT chain is for packets destined for the host itself
      • FORWARD chain is for packets destined for other hosts on the network
          • Forwarding must be enabled and a route must be available for packets to traverse the FORWARD chain – usually a box with multiple interfaces (a router)
      • OUTPUT chain is for packets generated by a program on the local machine and sent outbound from the host
  • Once the correct chain is determined, traffic is subject to the user-defined rules for that chain
  • Rules are checked in the order they were entered until a match is found
  • If no match is found, the packet is handled by the chain’s default policy
  • Rule targets include:
      • LOG (packet is logged via syslogd)
      • DNAT (processed through the nat table for a destination address change)
      • SNAT (processed through the nat table for a source address change)
  • IPTables is configured through the ‘iptables’ command
  • Can also be configured through the graphical ‘Webmin’ interface
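The host-based INPUT chain described above, as an added example that is not part of the original post: a minimal stateful ruleset in iptables-restore format, with DROP default policies, conntrack state matching, a single permitted inbound service and a rate-limited LOG before the default policy drops everything else. The SSH-only allow-list (tcp/22) and the rules file path are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): a minimal stateful host-based
# firewall for the 'filter' table, written in iptables-save/restore format so
# the whole ruleset loads atomically. Assumes SSH on tcp/22 is the only inbound
# service and that kernel connection tracking (conntrack) is available.

# Emit the ruleset. Applied as root with, for example:
#   build_ruleset > /etc/iptables/rules.v4 && iptables-restore < /etc/iptables/rules.v4
build_ruleset() {
    cat <<'EOF'
*filter
# Default policies: deny inbound and transit traffic, allow locally generated traffic
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback traffic is always accepted
-A INPUT -i lo -j ACCEPT
# Stateful rule: replies to connections this host opened are allowed back in
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Drop packets conntrack cannot classify (malformed or out-of-state TCP flags)
-A INPUT -m conntrack --ctstate INVALID -j DROP
# The single permitted inbound service: new SSH connections
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# Log (rate-limited, to syslog) what is about to hit the default DROP policy
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: " --log-level 4
COMMIT
EOF
}

# Count the ACCEPT rules in the generated ruleset; a growing allow-list is worth a review
count_accept_rules() {
    build_ruleset | grep -c -- '-j ACCEPT'
}

# Dry run: iptables-restore --test parses and builds the ruleset without committing it
check_ruleset() {
    if command -v iptables-restore >/dev/null 2>&1 && [ "$(id -u)" -eq 0 ]; then
        build_ruleset | iptables-restore --test
    else
        echo "iptables-restore not available or not running as root; skipping parse check" >&2
        return 0
    fi
}
```

Because the default INPUT policy is DROP, the LOG rule is the last thing a non-matching packet hits, so every entry with the iptables-drop: prefix in syslog corresponds to a packet the default policy discarded.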

Dedicated Linux Firewalls

  • Dedicated Linux appliances serve as enterprise firewalls
  • Usually a specially configured kernel with only the services necessary to provide firewall, NAT, and VPN functions
  • Can be motherboard-embedded or disk-based
  • Two popular dedicated firewall solutions are Smoothwall and IPCop:
      • Small, very lean distributions
      • Easily installed
      • Use lower-end equipment that can be reused
      • Both managed through a web interface
      • Provide dedicated solutions for firewall, routing, VPN, and NAT
      • Updatable over the web
  • Several other solutions exist as well

Rajesh Kumar