|
Hidden Treasures of IP Tables
|
 |
 |
 |
|
Contributed by Chad Brandt
|
|
|
|
Monday, 19 July 2004
With these powerful add-ons for iptables you can match
strings or port ranges in iptables rules or even create a tar pit for network abusers.Linux's iptables allows powerful firewalls to be
implemented at a minute fraction of the cost of many commercial offerings. Basic
iptables firewalls are packet filters, which means they inspect the network
communications flowing through them a packet at a time and make choices about
how those packets are handled. Simple configurations can be used to drop certain
packets and accept others. The choice about which policy to apply to a
particular packet commonly is made on the basis of the IP address and port
number to which it has been sent and the direction in which it is traveling.
iptables also can use state information to make more-informed choices based on
the state of the connection to which the packet relates. This is known as
connection tracking.
Read Full Article Only registered users can write comments.
Please login or register. Powered by AkoComment 1.0 beta 2! |
Home 
