{"id":23696,"date":"2021-09-18T12:33:42","date_gmt":"2021-09-18T12:33:42","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=23696"},"modified":"2022-04-13T15:56:34","modified_gmt":"2022-04-13T15:56:34","slug":"complete-referance-of-firewalls-in-linux-security","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/complete-referance-of-firewalls-in-linux-security\/","title":{"rendered":"Complete Reference of Firewalls in Linux Security"},"content":{"rendered":"\n<ul class=\"wp-block-list\"><li><strong>Introduction to Firewalls<\/strong><\/li><li><strong>IPTables<\/strong><\/li><li><strong>Dedicated Linux Firewalls<\/strong><\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Introduction to Firewalls<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Firewalls protect network perimeters<\/li><li>Not a total security solution, but an important part of a defense-in-depth strategy<\/li><li>Firewalls act as traffic cops<\/li><li>Only traffic that meets specific requirements is allowed to pass through<\/li><li>Can filter on port, protocol, address, or established connection<\/li><li>Higher-level firewalls also filter on packet contents (application-level firewalls)<\/li><li>Linux has several built-in firewall capabilities<\/li><li>Can act as a host-based firewall<\/li><li>Can act as a dedicated enterprise-level firewall<\/li><li>Can take advantage of older, recycled hardware<\/li><li>Built-in firewalls include IPChains and IPTables<\/li><li>Dedicated firewalls include IPCop and Smoothwall<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">IPTables<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Replaces the older IPChains firewall in Linux<\/li><li>Available since the 2.4 kernel<\/li><li>Allows configuration of built-in firewall rules for host-based protection<\/li><li>Stateful packet filtering firewall<\/li><li>Can filter based upon source IP address, protocol, port, and connection state<\/li><li>Can filter based upon MAC address<\/li><li>Can also filter out 
malformed packets based upon the TCP flags set in the packet<\/li><li>Packets enter the host and are processed through one of 3 &#8216;tables&#8217;:<\/li><li>&#8216;mangle&#8217; table &#8211; responsible for changing QoS bits in the packet<\/li><li>&#8216;filter&#8217; table &#8211; contains 3 &#8216;chains&#8217; used to process traffic<\/li><li>&#8216;nat&#8217; table &#8211; used to manage changing a packet&#8217;s source or destination address when using NAT<\/li><li>&#8216;nat&#8217; table has 2 chains:<\/li><li>Pre-routing (changes destination address)<\/li><li>Post-routing (changes source address)<\/li><li>Packets entering the &#8216;filter&#8217; table go through 3 &#8216;chains&#8217; to determine where packets are sent to:<\/li><li>INPUT chain is for packets destined for the host<\/li><li>FORWARD chain is for packets destined for other hosts on the network<\/li><li>Forwarding must be enabled and a route must be available for packets to traverse the FORWARD chain &#8211; usually multiple interfaces on the box (router)<\/li><li>OUTPUT chain is for traffic generated by a program on the local machine and sent outbound from the host<\/li><li>Once the correct chain is determined, traffic is subject to the user-defined rules for that chain<\/li><li>Rules are checked in the order they were entered until a match is found<\/li><li>If no match is found, the packet is handled by the chain&#8217;s default rule<\/li><li>LOG target (packet is logged via syslogd)<\/li><li>DNAT target (processed through the NAT table for destination address change)<\/li><li>SNAT target (processed through the NAT table for source address change)<\/li><li>IPTables is configured through the &#8216;iptables&#8217; command<\/li><li>Can be configured through the graphical &#8216;Webmin&#8217; interface<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Dedicated Linux Firewalls<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Dedicated Linux appliances serve as enterprise firewalls<\/li><li>Usually a specially configured kernel with only the services necessary to provide firewall, NAT, and VPN services<\/li><li>Can 
be motherboard-embedded or disk-based<\/li><li>Two popular dedicated firewall solutions include Smoothwall and IPCop<\/li><li>Small distributions that are very lean<\/li><li>Easily installed<\/li><li>Use lower-end equipment that can be reused<\/li><li>Both managed through a web interface<\/li><li>Provide dedicated solutions for firewall, routing, VPN, and NAT<\/li><li>Updateable over the web<\/li><li>Several other solutions exist as well<\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Introduction to Firewalls IP Tables Dedicated Linux Firewalls Introduction to Firewalls Firewalls protect network perimeters Not total security solution, but important part of defense in depth strategy Firewalls act as&#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[4957],"tags":[460,7055],"class_list":["post-23696","post","type-post","status-publish","format-standard","hentry","category-linux","tag-linux","tag-linux-security"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/23696","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=23696"}],"version-history":[{"count":1,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/23696\/revisions"}],"predecessor-version":[{"id":23697,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/23696\/revisions\/23697"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=23696"}],"wp:term":[{"taxonomy":"catego
ry","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=23696"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=23696"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}