Here is some text from the slides:
+ what is iptables?
iptables is the userspace command-line program used to configure the Linux packet filtering ruleset
+ a.k.a. firewall
what?
a packet filter is a piece of software that looks at the headers of packets as they pass through, and decides the fate of the entire packet
why?
+ control
allow only what you specify
+ security
protect against evil >:|
+ watchfulness
alerts of abnormal activity
traffic can be characterized by:
+ source and/or destination ip
trust certain hosts
+ source and/or destination port
allow specific services
+ protocol type
tcp, udp, icmp, etc…
+ additional parameters
e.g. state,
+ review: ports
Once a packet has reached its destination host, it is sent to a specific port.
+ about 65,000 available ports per host
+ the first 1024 are reserved for privileged processes such as daemons
+ /etc/services defines well-known ports
e.g. Telnet:23, FTP:21, HTTP:80
+ review: protocols
Represent the kind of traffic being sent.
+ tcp // transmission control protocol
maintains a connection between two hosts
+ udp // user datagram protocol
sends data statelessly, without establishing a connection
+ icmp // internet control message protocol
administrative functions such as PING
+ basic operations
-L List the rules.
-I
-A Append a new rule at end of chain.
-R
-D
-F Flush the chain (delete all rules).
-X
-P
Set
as default policy for chain.
-t
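
An added example, not taken from the slides: a default-deny INPUT ruleset that uses each traffic characteristic listed above (source ip, destination port, protocol, state) together with the -F, -A and -P operations. The trusted host address, the choice of services and the log prefix are assumptions made for illustration; the script only prints the commands so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example: prints a default-deny INPUT ruleset as iptables commands.
# TRUSTED_HOST is a constructed sample address (documentation range).
TRUSTED_HOST="${TRUSTED_HOST:-192.0.2.10}"

# Print the command instead of running it, so the ruleset can be reviewed.
ipt() { printf 'iptables %s\n' "$*"; }

build_ruleset() {
    # -F: start from an empty INPUT chain.
    ipt -F INPUT

    # Local traffic on the loopback interface is always allowed.
    ipt -A INPUT -i lo -j ACCEPT

    # additional parameters (state): accept replies to connections
    # that this host opened itself.
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # source ip + protocol + destination port:
    # SSH (tcp/22) only from the one trusted host.
    ipt -A INPUT -p tcp -s "$TRUSTED_HOST" --dport 22 -j ACCEPT

    # protocol + destination port: HTTP (tcp/80) from anyone.
    ipt -A INPUT -p tcp --dport 80 -j ACCEPT

    # protocol type: answer PING (icmp echo-request).
    ipt -A INPUT -p icmp --icmp-type echo-request -j ACCEPT

    # watchfulness: log whatever reached the end of the chain.
    ipt -A INPUT -j LOG --log-prefix INPUT-DROP:

    # -P: default policy. Set last, so the ACCEPT rules are already in
    # place when unmatched packets start being dropped.
    ipt -P INPUT DROP
}

# Show the ruleset when the script is run directly.
build_ruleset
```

To apply the ruleset, pipe the output to a root shell (`build_ruleset | sh`), then check the result with `iptables -L INPUT`.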