Synopses & Reviews
Firewalls, Network Address Translation (NAT), network logging and accounting are all provided by Linux's Netfilter system, also known by the name of the command used to administer it, iptables. The iptables interface is the most sophisticated ever offered on Linux and makes Linux an extremely flexible system for any kind of network filtering you might do. Large sets of filtering rules can be grouped in ways that make it easy to test them and turn them on and off.
Do you watch for all types of ICMP traffic--some of them quite dangerous? Can you take advantage of stateful filtering to simplify the management of TCP connections? Would you like to track how much traffic of various types you get?
This pocket reference will help you at those critical moments when someone asks you to open or close a port in a hurry, either to enable some important traffic or to block an attack. The book will keep the subtle syntax straight and help you remember all the values you have to enter in order to be as secure as possible. The book has an introductory section that describes applications, followed by a reference/encyclopaedic section with all the matches and targets arranged alphabetically.
This handy pocket reference helps Linux administrators keep the details of their firewall system straight, so they can respond quickly to sudden changes in the network environment.
Depending on the type of network, a firewall consists of a program or hardware device that filters information coming through an Internet connection. In a Linux network, the netfilter system--also known by the name of the command used to administer it, iptables--provides firewalls, network logging and Network Address Translation (NAT), which authenticates and translates a user's Internet Protocol (IP) address before access to the network is granted. Linux administrators will find this pocket reference valuable at those critical moments when they need to open or close a port in a hurry, either to allow important traffic in or to block an attack. Linux iptables Pocket Reference organizes the subtle netfilter syntax for quick and easy lookup, and helps administrators remember all the values they need to enter to assure strict security. The book divides the listings of all iptables options into those that are suitable for firewalling, accounting, and NAT. Our unique quick reference format is ideal for Linux administrators who already have a firewall in place, but need to be prepared for frequent changes in their environment.
About the Author
Gregor N. Purdy is engineering manager in the large account services group at Amazon.com. Before joining Amazon.com in 2003, Gregor worked for ten years as a consultant in high-end data warehousing, system integration, and prior art research in software and Internet patents. He has also contributed to a number of open source projects, including Perl core and extension modules, the Perl Shell, and the Parrot virtual machine for Perl 6.
Table of Contents
- Chapter 1: Linux iptables Pocket Reference