Server Administration
  Home arrow Server Administration arrow Netfilter and Iptables Overview
Codewalker Forums 
  Tutorials  
Database Articles  
Miscellaneous  
Navigation Usability  
PEAR Articles  
Programming Basics  
Server Administration  
XML Tutorials  
  Reviews  
Database Book Reviews  
Linux Book Reviews  
Miscellaneous Reviews  
PHP Book Reviews  
PHP Software Reviews  
Server Admin Reviews  
SQL Tool Reviews  
  Code Gallery  
Content Management Code  
Contest Code  
Counters Code  
Database Code  
Date Time Code  
Discussion Board Code  
Email Code  
File Manipulation Code  
GUI Code  
Link Farm Code  
Miscellaneous Code  
Search Code  
Site Navigation Code  
User Management Code  
Mobile Linux 
Case Studies 
iPad Development 
Download TestComplete 
Forums Sitemap 
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
SERVER ADMINISTRATION

Netfilter and Iptables Overview
By: Barzan 'Tony' Antal
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 5 stars5 stars5 stars5 stars5 stars / 5
    2009-07-15

    Table of Contents:
  • Netfilter and Iptables Overview
  • Netfilter
  • Iptables
  • Final Thoughts
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
    ADVERTISEMENT

    Netfilter and Iptables Overview
    (Page 1 of 4 )

    We live in a world where being connected is the norm. If we were able to see the packets traveling around us, then we’d surely go insane. One of the main tasks of system administrators is implementing systems that work with these packets. Probably the most popular need is for a firewall. In this article we are going to overview the Netfilter framework, along with its Iptables user space in Linux.

    Everything started back in 1998 when Rusty Russell (with his development team) re-designed the already existing ipchains. It was one of earliest variations of firewalls that were able to administer IP packet filters. Ipchains, based on the classic ipfwadm, was probably the beginning of Netfilter. The developers realized that there was a lot of room for improvement, and having said that, project Netfilter was born.

    Netfilter is a fully functional, feature-laden packet filtering framework available starting from the Linux Kernels 2.4.x and 2.6.x. The beauty of this framework is that there is a set of tools and components which are able to use its hooks to the kernel to accomplish various other tasks, such as NAT (network address translation), stateful tracking, packet mangling, and of course, the most important one—being an advanced firewall.

    Furthermore, the project was expanded with Iptables. By definition, it has a table structure that allows system administrators to create, set up, and enforce definitions of rule-sets in terms of packet filtering as well as NAT modules. Iptables also comes with almost all Linux distributions. Iptables heavily relies on the Xtables sub-framework, and both of them together are sometimes called “iptables firewalling.”

    Throughout this article we will first present some details and specifics on the Netfilter infrastructure, and then we are going to get into Iptables. We will examine chains, how rule-sets can be created and linked, and ultimately we will present some working examples to see everything in action.

    Now that you have learned the structure of this article and know exactly what to expect, let’s begin. Keep in mind that this is just a brief overview. It is not a manual that explains how to create NAT modules, make chains of rules, and implement a highly secure Netfilter/iptables solution that “fits” your network situation. This article was written to make you aware of this possibility. The rest is up to you.

    Next: Netfilter >>
     

    More Server Administration Articles
    More By Barzan 'Tony' Antal


     
    >>> Be the FIRST to comment on this article!

    SERVER ADMINISTRATION ARTICLES

    - Server Responses to Client Communication
    - Authentication in Client/Server Communication
    - Client/Server Communication
    - Understanding Awk in the UNIX Shell
    - Stream Editor in the UNIX Shell
    - Processes in the UNIX Shell
    - Migrating from Windows to Wine
    - Wine: Not Another Emulator
    - Preventive Measures to Block SSH Attacks
    - Monitoring Temperatures with Cacti
    - Cacti: RRDTool-based Graphing Solution
    - Network Magic 5.0 Review
    - Netfilter and Iptables Overview
    - Installing and Configuring Squid
    - Clickfree PC Backup Systems Compared
    Find More Server Administration Articles




    © 2003-2010 by Developer Shed. All rights reserved. DS Cluster 10 Hosted by Hostway
    For more Enterprise Application Development news, visit eWeek