IP tables

Short presentation on IP tables (5-6 min)

  1. IPtables, by Thomas Aamodt
  2. Goals of Presentation
     • History of the Linux firewall
     • Introduction of iptables
     • Stateful inspection
     • Address translation
     • Packet mangling
     • Logging
     • Protection
  3. History
     • Ipfirewall (Ipfw) 1994
     • Made by Alan Cox
     • Ipchains/Iptables 1998/1999
     • Made by Rusty Russell
  4. Introduction of iptables
     • Netfilter module
     • Kernel based
     • Examines packets
     • Runs on low computer power
     • Built-in iptables chains: INPUT, OUTPUT and FORWARD
  5. Stateful Inspection
     • Increased network security
     • Checks header information
     • Iptables options: NEW, RELATED, INVALID, ESTABLISHED
  6. Address Translation
     • Network Address Translation (NAT)
     • Transforms IP addresses
     • Most common use is masquerading
     • Iptables options: DNAT, SNAT, REDIRECT
  7. Packet Mangling
     • Change/modify packets
     • Example: prioritize traffic with TOS
     • TOS options
     • Iptables options: PREROUTING, POSTROUTING
  8. Logging
     • Log prefix notes
     • Iptables options: LOG
  9. Basic commands and tricks
     • Variables
     • Module loading
     • Enable IP forwarding
     • Flush rules
     • Flush nat tables
     • Flush chains
     • Different jumps (targets)
     • Policies
  10. Basic commands and tricks
     • Create new chains
     • Rules
     • Make bash scripts to simplify your job!
  11. Protection
     • Protection against IP spoofing
     • Make sure all NEW TCP packets are SYN
     • SYN flood protection / DoS protection
  12. Summary
     • First developed for Linux by Alan Cox
     • IPtables developed by Rusty Russell
     • States to run your iptables firewall on
     • Commands and tricks
     • Protection
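
The items from slides 5 to 11 (states, masquerading, LOG prefix, flushing, policies, new chains and the three protection measures) combined into one bash script. This is an added example, not code from the presentation; the interface names, the LAN range, the SSH port and the rate limits are assumed placeholders, and the `conntrack` match is used for the connection states.

```bash
#!/bin/bash
# Added example, not from the slides. Interface names, LAN range, SSH port and
# rate limits are assumed placeholders. Dry run by default (commands are
# printed); run as root with DRYRUN=0 to apply the rules.
[ "${DRYRUN:-1}" = 1 ] && RUN="echo" || RUN=""
IPT="$RUN iptables"
WAN_IF="eth0"; LAN_IF="eth1"; LAN_NET="192.168.1.0/24"   # variables (assumed)

build_firewall() {
    $RUN modprobe nf_conntrack              # module loading
    $RUN sysctl -w net.ipv4.ip_forward=1    # enable IP forwarding

    $IPT -F                                 # flush rules
    $IPT -t nat -F                          # flush nat table
    $IPT -X                                 # delete user-defined chains
    $IPT -P INPUT DROP                      # policies: default deny inbound
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT

    # New chain: log with a prefix (rate-limited), then drop
    $IPT -N LOGDROP
    $IPT -A LOGDROP -m limit --limit 5/min -j LOG --log-prefix "FW-DROP: "
    $IPT -A LOGDROP -j DROP
    $IPT -A INPUT -i lo -j ACCEPT

    # Anti-spoofing: LAN source addresses must never arrive on the WAN side
    $IPT -A INPUT   -i "$WAN_IF" -s "$LAN_NET" -j LOGDROP
    $IPT -A FORWARD -i "$WAN_IF" -s "$LAN_NET" -j LOGDROP

    # Stateful inspection: drop INVALID and any NEW TCP packet that is not a SYN
    $IPT -A INPUT -m conntrack --ctstate INVALID -j LOGDROP
    $IPT -A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j LOGDROP
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # SYN flood protection: rate-limit new SYNs, log and drop the excess
    $IPT -N SYNLIMIT
    $IPT -A SYNLIMIT -m limit --limit 10/s --limit-burst 20 -j RETURN
    $IPT -A SYNLIMIT -j LOGDROP
    $IPT -A INPUT -p tcp --syn -j SYNLIMIT
    $IPT -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT

    # NAT: masquerade LAN traffic leaving through the WAN interface
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" -j ACCEPT
    $IPT -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_NET" -j MASQUERADE
}

build_firewall
```

The single global SYN limit is coarse: during a flood it throttles legitimate clients as well, so it is normally paired with the kernel's `net.ipv4.tcp_syncookies` setting.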
