Firewall Basics
Motivation
Protecting your Linux system from threats on the Internet is more important than ever. To do this, you should turn off any service that you do not need and keep your distribution up to date. A firewall also helps to keep out unwanted guests. Using Linux as a firewall to protect your network is often a good idea as well. Last but not least: the NAT (Network Address Translation) built into the Linux firewall code is useful if you want a private network behind a Linux router.
The History of the Linux Firewall
In 1990, even before Linux, there was TCP Wrappers, which could be used to protect a server program by using a list of IP addresses that would be allowed or denied access to it. It is still in use today, though most firewall rules are now handled by the kernel:
Linux has had firewalling code in the kernel since about 1997. Back then it was ipfwadm. With the 2.2 kernels came ipchains. This was then replaced with the iptables firewall. Modern distributions are now replacing this with the netfilter or nftables firewall.
In order to set up rules or display the existing rules, there are tools that talk to the kernel interface. For iptables, the tool was iptables. For the modern nftables, the tool is nft.