• Abstract and Figures
• Public Full-text

Linux IPCHAINS−HOWTO Linux IPCHAINS−HOWTO Table of Contents Linux IPCHAINS−HOWTO..............................................................................................................................1 Rusty Russell...........................................................................................................................................1 1.Introduction...........................................................................................................................................1 2.Packet Filtering Basics..........................................................................................................................1 3.I'm confused! Routing, masquerading, portforwarding, ipautofw.......................................................1 4.IP Firewalling Chains...........................................................................................................................1 5.Miscellaneous.......................................................................................................................................2 6.Common Problems...............................................................................................................................2 7.A Serious Example...............................................................................................................................2 8.Appendix: Differences between ipchains and ipfwadm.......................................................................2 9.Appendix: Using the ipfwadm−wrapper script.....................................................................................3 10.Appendix: Thanks...............................................................................................................................3 1.Introduction...........................................................................................................................................3 1.1 What?.................................................................................................................................................3 1.2 Why?..................................................................................................................................................3 1.3 How?..................................................................................................................................................3 1.4 Where?...............................................................................................................................................4 2.Packet Filtering Basics..........................................................................................................................4 2.1 What?.................................................................................................................................................4 2.2 Why?..................................................................................................................................................4 2.3 How?..................................................................................................................................................5 A Kernel With Packet Filtering..................................................................................................5 ipchains.......................................................................................................................................6 Making Rules Permanent...........................................................................................................6 3.I'm confused! Routing, masquerading, portforwarding, ipautofw.......................................................7 3.1 Rusty's Three−Line Guide To Masquerading....................................................................................8 3.2 Gratuitous Promotion: WatchGuard Rules........................................................................................8 3.3 Common Firewall−like Setups..........................................................................................................8 Private Network: Traditional Proxies.........................................................................................8 Private Network: Transparent Proxies........................................................................................9 Private Network: Masquerading...............................................................................................10 Public Network.........................................................................................................................11 Limited Internal Services.........................................................................................................12 3.4 More Information on Masquerading................................................................................................12 4.IP Firewalling Chains.........................................................................................................................13 4.1 How Packets Traverse The Filters...................................................................................................13 Using ipchains...........................................................................................................................14 What You'll See When Your Computer Starts Up...................................................................15 Operations on a Single Rule.....................................................................................................16 Filtering Specifications.............................................................................................................17 Specifying Source and Destination IP Addresses.....................................................................17 Specifying Inversion.................................................................................................................17 Specifying Protocol...................................................................................................................18 Specifying UDP and TCP Ports................................................................................................18 Specifying ICMP Type and Code.............................................................................................18 Specifying an Interface ............................................................................................................19 Specifying TCP SYN Packets Only..........................................................................................20 i Linux IPCHAINS−HOWTO Table of Contents Handling Fragments.................................................................................................................20 Filtering Side Effects................................................................................................................21 Specifying a Target..................................................................................................................21 Logging Packets........................................................................................................................23 Manipulating the Type Of Service............................................................................................24 Marking a Packet......................................................................................................................26 Operations on an Entire Chain.................................................................................................26 Creating a New Chain...............................................................................................................26 Deleting a Chain.......................................................................................................................26 Flushing a Chain......................................................................................................................27 Listing a Chain..........................................................................................................................27 Resetting (Zeroing) Counters....................................................................................................28 Setting Policy...........................................................................................................................29 Operations on Masquerading....................................................................................................29 Checking a Packet.....................................................................................................................29 Multiple Rules at Once and Watching What Happens.............................................................30 4.2 Useful Examples..............................................................................................................................31 Using ipchains−save................................................................................................................33 Using ipchains−restore.............................................................................................................34 5.Miscellaneous.....................................................................................................................................35 5.1 How to Organize Your Firewall Rules............................................................................................35 5.2 What Not To Filter Out....................................................................................................................35

Load more

  60

Copy Link