Friday, December 26, 2008

Linux Ebooks Mastering IPtables



When Linux 2.4 was released, most people focused on what it would do to help the average Linux user and talked about the USB support, FireWire, PCMCIA and DRI. While these are great additions to the kernel for the majority of people, one of the major improvements over 2.2 was often overlooked, even though it applies almost as much to Joe (and of course Jane) User as it does to a hardened network engineer. This is, of course, the inclusion of the netfilter system into the kernel, which provides packet filtering and other more advanced IP features. Along with netfilter comes iptables, the 2.4 equivalent of ipchains, which provides a user-space interface to the filtering, Network Address Translation (NAT) and mangling modules.
We are going to look at building 2.4 with support for netfilter and iptables, then building a production-level router out of it. For those of you who have just one machine and use it to connect to the Internet, many of the same rules apply. The Internet is one giant, generally unrestricted network on which any reasonable person would have reservations about putting any sort of machine, never mind their own Linux system.
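The kind of ruleset the text is building towards, as an added example that is not from the ebook or the original article: a small NAT router with default-deny filtering on INPUT and FORWARD, stateful reply matching, and a simple anti-spoofing check. The interface names (eth0 facing the Internet, eth1 facing the LAN) and the 192.168.1.0/24 subnet are assumptions; with DRY_RUN=1 the script only prints the iptables commands it would run, so it can be reviewed without root.

```shell
#!/bin/sh
# Added example (not from the original page): minimal NAT router ruleset.
# WAN/LAN interface names and the LAN subnet below are assumed values.
# DRY_RUN=1 prints the commands instead of executing them.

WAN="${WAN:-eth0}"                     # assumed: interface towards the Internet
LAN="${LAN:-eth1}"                     # assumed: interface towards the internal network
LAN_NET="${LAN_NET:-192.168.1.0/24}"   # constructed private subnet behind the router

# ipt: run an iptables command, or print it when DRY_RUN=1
ipt() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# router_rules: flush old rules and load the filtering + NAT policy
router_rules() {
    # Start from a clean slate so re-running the script is idempotent
    ipt -F
    ipt -t nat -F
    ipt -X

    # Default-deny for traffic to the router and through it; the router
    # itself may originate connections freely
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT ACCEPT

    # Loopback, and replies to connections the router opened
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Packets that belong to no known connection are dropped early
    ipt -A INPUT -m state --state INVALID -j DROP
    # Management (SSH) is reachable only from the LAN side
    ipt -A INPUT -i "$LAN" -s "$LAN_NET" -p tcp --dport 22 -j ACCEPT

    # Anti-spoofing: a LAN source address must never arrive on the WAN side
    ipt -A INPUT -i "$WAN" -s "$LAN_NET" -j DROP
    ipt -A FORWARD -i "$WAN" -s "$LAN_NET" -j DROP

    # Forwarding: LAN hosts may open connections outwards; only replies come back
    ipt -A FORWARD -i "$LAN" -o "$WAN" -s "$LAN_NET" \
        -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    ipt -A FORWARD -i "$WAN" -o "$LAN" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT

    # NAT: rewrite LAN source addresses to the WAN interface address
    ipt -t nat -A POSTROUTING -s "$LAN_NET" -o "$WAN" -j MASQUERADE
}

# count_rules: number of iptables commands the policy issues (dry run)
count_rules() {
    DRY_RUN=1 router_rules | wc -l | tr -d ' '
}

# Preview with: DRY_RUN=1 sh router.sh
# Apply as root after enabling net.ipv4.ip_forward (not done by this script).
if [ "${DRY_RUN:-0}" = "1" ]; then
    router_rules
fi
```

The order matters: the INVALID drop and the anti-spoofing rules sit before the ACCEPT rules so that a packet cannot slip past them, and the FORWARD chain only admits NEW connections from the LAN interface with a LAN source address. IP forwarding itself (`net.ipv4.ip_forward`) must be switched on separately, which the script deliberately does not do.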
