Difference between revisions of "Firewall"
From Linuxintro
imported>ThorstenStaerk (Created page with "In a typical network, all traffic to the outside world has to pass one router/computer/cluster. On this router, you can prevent access to specific network ports. It is called...") |
imported>ThorstenStaerk m |
||
| Line 15: | Line 15: | ||
target prot opt source destination | target prot opt source destination | ||
If you look at it, you will find that for all incoming [http://en.wikipedia.org/wiki/Network_packet packets] ("Chain INPUT" entry above), the policy is set to ACCEPT with no exceptions. The same is true for FORWARD and OUTPUT. | If you look at it, you will find that for all incoming [http://en.wikipedia.org/wiki/Network_packet packets] ("Chain INPUT" entry above), the policy is set to ACCEPT with no exceptions. The same is true for FORWARD and OUTPUT. | ||
| + | |||
| + | = See also = | ||
| + | * [[security]] | ||
Revision as of 13:18, 7 January 2012
In a typical network, all traffic to the outside world has to pass one router/computer/cluster. On this router, you can prevent access to specific network ports. It is called the firewall.
Now every Linux kernel can play firewall by deciding which network traffic to forward and which not. Starting with Linux 2.4 the respective command is iptables.
Check if your firewall is running
To check if your firewall is running, use the command iptables --list. Here's an output that means your firewall is turned off:
iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
If you look at it, you will find that for all incoming packets ("Chain INPUT" entry above), the policy is set to ACCEPT with no exceptions. The same is true for FORWARD and OUTPUT.
