This paper introduces Iptables, the commonly used firewall rule configuration tool for LINUX, and describes the LINUX firewall in terms of its implementation principle, configuration method and functional characteristics.
Keywords: LINUX, firewall, Iptables, Ipchains, packet filtering
Preface:
Linux provides a firewall to increase system security. The firewall sits between your computer and the network and decides which resources on your computer remote users on the network may reach. A properly configured firewall greatly improves the security of the system, and as an important part of network security measures the firewall has received wide attention. LINUX is an operating system that has risen rapidly in recent years and is widely praised in the industry for its open source code, powerful and stable networking, and the large number of free resources available for it. The LINUX firewall is in fact a functional module of the operating system itself: once firewall support (the netfilter packet-filtering framework) is built into or loaded into the kernel, the LINUX kernel processes every packet it receives according to a configured policy. What the user has to do is use a configuration tool such as iptables to write the "packet processing policy" that suits their environment.
Firewall functions:
Packet filtering:
Filtering packets is the most basic function of any firewall, and from one angle the LINUX firewall itself can be called a "packet-filtering firewall". In the LINUX firewall, the operating system kernel inspects each incoming packet, extracts the required fields from its headers (source IP address, destination IP address, source port, destination port, protocol, and so on), compares them one by one against the configured firewall rules, and applies the target of the first matching rule; if no rule matches, the default policy of the chain is applied.
It is worth noting that when writing filtering rules there are two basic strategies to choose from. One is to allow everything by default: all packets are accepted, and only specific, unwanted packets are explicitly rejected. The other is to deny everything by default: all packets are refused first, and then the packets needed for each required service are allowed through one by one. Generally speaking, the former is easier to get up and running, but any service you forget to block stays reachable from the network; the latter takes more work up front, but a forgotten rule fails closed rather than open, so it is the safer choice.
By filtering incoming packets on the external interface of the firewall, most intentional and unintentional network attacks can be effectively stopped. Outgoing packets can be restricted at the same time: which hosts on the internal network may reach the Internet, which services each of them may use, and which sites they may log in to, which gives the administrator control over the internal hosts. For a small internal LAN, packet filtering is a simple and effective means of both security protection and network management.
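The two strategies above, as an added example that is not part of the original paper: a shell script that emits a LINUX firewall rule set in the format read by iptables-restore(8), first the default-allow form and then the default-deny form, with outbound restrictions for internal hosts. The interface names (eth0 to the Internet, eth1 to the LAN), the LAN prefix 192.168.1.0/24 and the two permitted internal hosts are assumptions for illustration, not values from the paper.

```shell
#!/bin/sh
# Added example (not from the paper): generate LINUX firewall rule sets in
# iptables-restore(8) format for a small LAN gateway.
# Assumed (hypothetical) layout: eth0 faces the Internet, eth1 faces the LAN
# 192.168.1.0/24; the firewall host itself runs an SSH and a web server.

WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"
# Internal hosts allowed to reach the Internet; all other LAN hosts are blocked.
ALLOWED_HOSTS="${ALLOWED_HOSTS:-192.168.1.10 192.168.1.11}"

# Strategy 1, allow everything by default: only the services someone thought
# of are blocked; any other listening service is reachable from the network.
gen_permissive_ruleset() {
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i $WAN_IF -p tcp --dport 23 -j DROP
-A INPUT -i $WAN_IF -p tcp --dport 135:139 -j DROP
COMMIT
EOF
}

# Strategy 2, deny everything by default: the chain policies are DROP and only
# the traffic needed for each service is opened. Rules are matched first-hit.
gen_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback, and packets belonging to flows that were already accepted.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Anti-spoofing: a packet arriving from the Internet must not carry a LAN source.
-A INPUT -i $WAN_IF -s $LAN_NET -j DROP
-A FORWARD -i $WAN_IF -s $LAN_NET -j DROP
# Services offered by the firewall host: SSH only from the LAN, HTTP(S) from anywhere.
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
# Rate-limited ICMP echo so the host can still be pinged for diagnostics.
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
# Outbound management of internal hosts: listed hosts get web and DNS only.
EOF
    for h in $ALLOWED_HOSTS; do
        printf '%s\n' "-A FORWARD -i $LAN_IF -o $WAN_IF -s $h -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT"
        printf '%s\n' "-A FORWARD -i $LAN_IF -o $WAN_IF -s $h -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
    done
    cat <<EOF
# Anything that reaches the end of a chain falls through to the DROP policy;
# log a sample first so that blocked traffic is visible in the system log.
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "fw-input-drop: "
-A FORWARD -m limit --limit 3/min -j LOG --log-prefix "fw-fwd-drop: "
COMMIT
EOF
}

# Number of ACCEPT rules in a rule set read from stdin (sanity check of the output).
count_accepts() {
    grep -c -- '-j ACCEPT'
}

# Usage (as root):  gen_ruleset | iptables-restore
# Syntax check only: gen_ruleset | iptables-restore --test
if [ "${1:-}" = "show" ]; then
    gen_ruleset
fi
```

Note that the default-deny set gives OUTPUT an ACCEPT policy, since the paper only restricts what arrives at the firewall and what is forwarded for internal hosts; a stricter deployment would set OUTPUT to DROP as well and enumerate what the firewall host itself may initiate.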
Proxy:
The proxy function of the LINUX firewall is provided by installing the corresponding proxy software. It lets internal hosts that have no public IP address reach the Internet through the firewall, which hides the internal network well and so effectively protects the internal hosts.
IP masquerading:
IP masquerading is another important function of the LINUX operating system. With the corresponding masquerading module added to the kernel, the kernel automatically "disguises" packets passing through it: the source address of a packet leaving for the Internet is rewritten to the firewall's own address, and the destination address of the reply is rewritten back to the internal host, so the external host believes it is talking to the firewall host. This solves the problem that hosts using private (internally reserved) IP addresses cannot reach the Internet, and at the same time shields the internal LAN from view.