Difference between revisions of "Firewall Basics"

(The History of the Linux Firewall)
(The History of the Linux Firewall)
Line 9: Line 9:
 
In the 1990, even before Linux, there was [https://en.wikipedia.org/wiki/TCP_Wrappers TCP Wrappers] which could be used to protect a server program from access by using a list of IP addressed that would be allowed or denied access to a server. It is still in use today, thought most firewall rules are now handled by the kernel:
 
In the 1990, even before Linux, there was [https://en.wikipedia.org/wiki/TCP_Wrappers TCP Wrappers] which could be used to protect a server program from access by using a list of IP addressed that would be allowed or denied access to a server. It is still in use today, thought most firewall rules are now handled by the kernel:
   
The Linux had firewalling code in the kernel since about 1997. Back then it was ipfwadm. With the 2.2 kernels came ipchains. This was then replaced with the iptables firewall. Modern distributions are now replacing this with the '''nftables''' firewall.
+
The Linux had firewalling code in the kernel since about 1997. Back then it was ipfwadm. With the 2.2 kernels came ipchains. This was then replaced with the iptables firewall. Modern distributions are now replacing this with the <q>netfilter</q> or '''nftables''' firewall.
  +
  +
In order to set up rules or display the existing rules there are tools that talk to the kernel interface. For iptables the tools was <q>iptables</q>. For the modern nftables the tools is <q>nft</q>.
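Review bot: The added wording "the <q>netfilter</q> or '''nftables''' firewall" in the rewritten history paragraph presents netfilter as a successor to iptables, but netfilter is the kernel packet-filtering framework that iptables itself runs on, and nftables is a newer front end to that same framework. Suggest something like "Modern distributions are now replacing this with '''nftables''', which like iptables is built on the kernel's netfilter framework." In the newly added last paragraph, "the tools was" and "the tools is" should read "the tool was" and "the tool is". The unchanged first paragraph still carries "In the 1990", "IP addressed" and "thought", which could be fixed in the same revision.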

Revision as of 16:05, 28 March 2020


Motivation

Protecting your Linux system from threats on the Internet is more important today than ever. To do this, you should turn off any service that you do not need and keep your distribution up to date. A firewall also helps to keep out unwanted guests. Using Linux as a firewall to protect your network is often a good idea as well. Last but not least, the NAT (Network Address Translation) built into the Linux firewall code is useful if you want a private network behind a Linux router.

The History of the Linux Firewall

In 1990, even before Linux, there was TCP Wrappers, which could be used to protect a server program by using a list of IP addresses that would be allowed or denied access to the server. It is still in use today, though most firewall rules are now handled by the kernel:

Linux has had firewalling code in the kernel since about 1997. Back then it was ipfwadm. With the 2.2 kernels came ipchains. This was then replaced with the iptables firewall. Modern distributions are now replacing this with the netfilter or nftables firewall.

To set up rules or display the existing rules, there are tools that talk to the kernel interface. For iptables the tool was iptables. For the modern nftables the tool is nft.