![]() ![]() ![]() We’ve presented the basic scheme of what happens when the server receives the packet, but we still don’t know anything about the iptables internals. If the packet is accepted it is passed to the application that is waiting for that packet, otherwise it is dropped and the application will never see the packet. When the server receives the packet, it forwards it on to the Linux kernel, which passes it to the iptables firewall, which decides whether the packet should be accepted or denied. In the picture below we can see that the client sends the packet to the server through the Internet. We can present the whole scheme of how a single packet travels from the client through the Internet to the server, which uses iptables to accept/deny the packet. We already know that all packets coming to our machine must also pass through our iptables firewall, which determines if the packet is accepted or denied – to do that, iptables must look up its internal rules to decide what to do with the packet. UFW stands for Universal FireWall, which uses the iptables command and allows us to easily manage our firewall on a Linux machine. In Ubuntu ufw service is used to start/stop the firewall. Now we will move into our iptables discussion.įirst, we need to install and start the iptables firewall: If you read the mentioned articles then it should be clear what those categories in the above picture mean, and no further explanation of them is needed. ![]() ![]() I’ve also written an article about abstract categories that divided the whole information security field into abstract categories: here, and I further divided the “Packet Filtering” abstract category as can be seen in this article: here. The picture is presented so we can better imagine how firewalls and iptables firewall are connected with information security in general. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |