This document discusses IP routing and firewall configuration in Linux. It covers IP forwarding, the routing cache, routing tables, and rule-based routing. It then discusses IP tables, which contain three tables (filter, NAT, mangle) and chains. Each table contains chains and rules to filter, translate, or modify packets. IP chains are used to divert and return packets between the tables. The document provides examples of IPTables and IPChains commands used to manage rules and packet flow.

1. IP Routing in Linux
Name:-cyz
Class:-TYIF
Roll no.:-3415

2. Agenda
•Routing in Linux
IP Forwarding
Routing Cache
Routing table
Rule-Based on Routing
• IP Table
Filter Table
NAT Table
Mangle Table
• IP Chain

3. Routing in Linux
• IP Forwarding
IP forwarding also known as Internet routing is a
process used to determine which path a packet or
datagram can be sent.
Forwarding is implemented in the Linux Kernel a
task of the IP layer routing is handled on higher
layers routing protocols build on top of transport-
layer protocols.

4. Routing in Linux(cont.)
• Routing Cache
The routing cache is also known as the forwarding
information base (FIB).
The routing cache stores recently used routing
entries in a fast and convenient hash lookup table,
and is consulted before the routing tables.
If the kernel finds a matching entry during route
cache lookup, it will forward the packet immediately
and stop traversing the routing tables.

5. Routing in Linux(cont.)
• Routing Table
Routing Table are represented by rather complex
data structures, which manage entries by using a
number of hash tables for different prefix lengths .
Each routing table still operates in the traditional
and expected fashion.
 Linux simply allows you to choose from a number
of routing tables, and to traverse routing tables in a
user-definable sequence until a matching route is
found.

6. Routing in Linux(cont.)
• Rule-Based on Routing
 Rule-based Routing are set of rules is used to select
which table should be used for what packets Rules a
selector and a type selector chooses .
 Routing Rules rule-based routing uses a set of rules to
decide searched for a suitable entry to forward a
packet .

7. IP Table
• IP tables is a user-space application program that
allows a system administrator to configure the tables
provided by the Linux kernel firewall and the chains
and rules it stores.
• IP table are contain IP chain and IP chain contain
commands.
• IP Tables is used to set up, maintain, and inspect the
tables of IP packet filter rules in the Linux kernel.
IP Table IP chain Command

8. IP Table
• IP Table is contain three types.
• Three tables each consists of one or more
chains
• Filter Table
• NAT Table
• Mangle Table

9. Filter Table
• Consists of three chains
• FORWARD
»For packets forwarded from one network
interface to another network interface
• INPUT
»For packets sent to firewall host
• OUTPUT
»For packets sent by firewall host

10. NAT Table
• NAT – Network Address Translation
• PREROUTING
»Destination NAT operations
• POSTROUTING
»Source NAT operations

11. Mangle Table
• Enables the modification of the TOS or the TTL
field and used for load balancing when there
are multiple firewalls
• PREROUTING, OUTPUT chains
»Kernel <= 2.4.17
• PREROUTING, INPUT, FOREWARDING,
OUTPUT and POSTROUTING chains
»Kernel >= 2.4.18

12. IP Tables Commands
• -A , --append Append rule to chain
• -D , --delete Delete rule from chain
• -I , --insert Insert rule at beginning or at specified
sequence number in chain.
• -R , --replace Replace rule
• -F , --flush Flush all rules
• -Z , --zero Zero byte counters in all chains
• -L , --list List all rules. Add option --line-numbers
for rule number.
• -N , --new-chain Create new chain
• -X , --delete-chain Delete user defined chain
• -P , --policy Set default policy for a chain
• -E , --rename-chain Rename a chain

13. IP Chains
• IP Chains Associated with a specific table
• A packet can be diverted to a user chain
• The packet is returned to the step after it's
diversion
• Linux IP Firewalling Chains, normally called IP
chains, is free software to control the packet
filter or firewall capabilities in the 2.2 series of
Linux kernels.

14. IPChains Flow
IP Packet checksum
sanity
DENY
Input
Chain
Route
Decision
Forward
Chain
Outpu
t
Chain ACCEPT
Demasquerade
DENY DENY
Local
lo interface

15. IP Chains Commands
• Command Description
• -A Add rule to chain
• -D Delete rule from chain
• -I Insert rule
• -R Replace rule
• -F Flush all rules
• -L List all rules
• -N Create new chain
• -X Delete user defined chain
• -P Set default targe

16. IP Chains Command
• Command Option Description
• -s Source address of packet
• -d Destination address of packet
• -i Interface packet is arriving from
• -p Protocol
• -j Target to send packet to
• -y For -p tcp. Packet is SYN packet.
• --icmp-type For -p icmp.
• -l Log the packet to syslog.
• /var/log/messages Available in Red Hat 6.0+
kernel