Difference between revisions of "Firewall"

From Linuxintro
imported>ThorstenStaerk
(Created page with "In a typical network, all traffic to the outside world has to pass one router/computer/cluster. On this router, you can prevent access to specific network ports. It is called...")
 
imported>ThorstenStaerk
m
Line 15: Line 15:
 
  target    prot opt source              destination
 
  target    prot opt source              destination
 
If you look at it, you will find that for all incoming [http://en.wikipedia.org/wiki/Network_packet packets] ("Chain INPUT" entry above), the policy is set to ACCEPT with no exceptions. The same is true for FORWARD and OUTPUT.
 
If you look at it, you will find that for all incoming [http://en.wikipedia.org/wiki/Network_packet packets] ("Chain INPUT" entry above), the policy is set to ACCEPT with no exceptions. The same is true for FORWARD and OUTPUT.
 +
 +
= See also =
 +
* [[security]]

Revision as of 13:18, 7 January 2012

In a typical network, all traffic to the outside world has to pass one router/computer/cluster. On this router, you can prevent access to specific network ports. It is called the firewall.

Now every Linux kernel can play firewall by deciding which network traffic to forward and which not. Starting with Linux 2.4 the respective command is iptables.

Check if your firewall is running

To check if your firewall is running, use the command iptables --list. Here's an output that means your firewall is turned off:

iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

If you look at it, you will find that for all incoming packets ("Chain INPUT" entry above), the policy is set to ACCEPT with no exceptions. The same is true for FORWARD and OUTPUT.

See also