Linux Firewalling and FIAIF
Anders Peter Fugmann
anders@fugmann.net
Date:
Version 1.0.4
Contents
Preface
Summary
Prerequisites
Introduction
Firewalls
Purpose of a firewall
Netfilter
Setting up a Linux firewall
FIAIF
Design
Zones
Stateful firewalling
Network address translation
Implementation
Configuration
Zone specification
Example:
Configuring a zone
Definitions
Zone definition
NAME
DEV
DYNAMIC
DHCP_SERVER
GLOBAL
IP
NET
MASK
BCAST
Zone access
Input rules
Example
Output rules
Example
Forward rules
Example
Reply rules
Example
Limit rules
Example
Network address translation rules
Redirect
Example
Masquerading/SNAT
Example
Miscellaneous rules
Packet marking
Example
Traffic monitoring
Example
Denying communication to MAC addresses
Example
Denying communication to IP addresses
Example
Clearing ECN bits from packets
Example
Example setup
The default setup of the External zone
The default setup of the internal zone
The default setup of the demilitarized zone
Related work
Status
Further work
Bibliography
Usage
Configuration files
fiaif.conf
reserved_networks
private_networks
type_of_services
zone.ext
zone.int
zone.dmz
Anders Peter Fugmann 2004-02-26