Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I am a new user of Linux. I want to set up my Linux server to be the firewall of my network.
I use Red Hat 9; when I installed it I chose no firewall.
Now I don't have a file /etc/sysconfig/iptables. Is that normal?
Should I create it to enable the iptables commands to work?
I know I have 3 built-in chains, and I guess I know the use of every one, but what if I created a new one? When will it be used?
I guess the INPUT chain is just used when a packet arrives at the station, so what if I made a chain and named it "linux"? When will this one be used?
I have a firewalling router which is running SuSE and several desktop computers running Gentoo. On neither of them do I have a file called /etc/sysconfig/iptables. I would say that this is a RedHat-only thing so I can't really help you there.
I might be wrong but I _guess_ that for an iptables firewall to work (in general) you don't need this file as there are ways to add rules to the chains (read man iptables). Only if you intend to use the firewall that comes with RedHat you might need it. But I'm sure you can install it with RedHat's package manager or with its configuration program.
If you just want to make a 'simple' firewall for your home network you might as well only use the three built-in chains. The way I see it the possibility to make custom chains is for much more complicated and sophisticated firewalls. Those custom chains will only be used if you add a rule to one of the three standard chains that 'sends' a packet to this chain. To do this you can set a rule's target to the name of your chain.
For example, instead of -j DROP you would type -j LINUX if your custom chain was called LINUX. Then the rules of the LINUX chain will be applied to the packet.
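The behaviour described in the reply above, as an added example that is not part of the original posts: a simplified Python model of how a packet walks the INPUT chain and only enters a user-defined chain when a rule jumps to it. The ruleset, the chain name UNUSED, the addresses and the `traverse`/`check` helpers are constructed for illustration; the model ignores tables, connection state and logging.

```python
# Simplified model of filter-table traversal; not netfilter's own code.
TERMINAL = {"ACCEPT", "DROP"}

def traverse(chains, policies, builtin, packet):
    """Return (verdict, chains visited) for a packet entering a built-in chain."""
    visited = []

    def walk(name):
        visited.append(name)
        for match, target in chains[name]:
            if not match(packet):
                continue
            if target in TERMINAL:
                return target
            if target == "RETURN":
                return None           # go back to the calling chain
            verdict = walk(target)    # -j <user-defined chain>
            if verdict is not None:
                return verdict
            # user chain ended without a verdict: resume at the next rule here
        return None

    verdict = walk(builtin)
    # Only built-in chains have a policy; it applies when no rule decided.
    return (verdict or policies[builtin]), visited

# Constructed ruleset. Equivalent commands:
#   iptables -P INPUT DROP
#   iptables -N LINUX
#   iptables -A INPUT -p tcp -j LINUX
#   iptables -A INPUT -p tcp --dport 80 -j ACCEPT
#   iptables -A LINUX -p tcp --dport 22 -s 192.168.1.0/24 -j ACCEPT
#   iptables -A LINUX -p tcp --dport 23 -j DROP
#   iptables -N UNUSED ; iptables -A UNUSED -j ACCEPT   (no rule jumps here)
CHAINS = {
    "INPUT": [(lambda p: p["proto"] == "tcp", "LINUX"),
              (lambda p: p["proto"] == "tcp" and p.get("dport") == 80, "ACCEPT")],
    "LINUX": [(lambda p: p.get("dport") == 22
               and p["src"].startswith("192.168.1."), "ACCEPT"),
              (lambda p: p.get("dport") == 23, "DROP")],
    "UNUSED": [(lambda p: True, "ACCEPT")],
}
POLICIES = {"INPUT": "DROP"}

def check(packet):
    return traverse(CHAINS, POLICIES, "INPUT", packet)

if __name__ == "__main__":
    print(check({"proto": "tcp", "dport": 80, "src": "10.0.0.9"}))
```

A TCP packet to port 80 enters LINUX, matches nothing there, and is then accepted by the next INPUT rule; a UDP packet never reaches LINUX at all, and UNUSED is never consulted because no rule targets it.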
Originally posted by John Micheal
I know I have 3 built-in chains, and I guess I know the use of every one, but what if I created a new one? When will it be used?
I guess the INPUT chain is just used when a packet arrives at the station, so what if I made a chain and named it "linux"? When will this one be used?
About the channels, I suggest reading the tutorials on the iptables official page: