LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-20-2010, 09:59 AM   #1
AsySyah
LQ Newbie
 
Registered: Sep 2010
Posts: 7

Rep: Reputation: 0
firewall chains


how many firewall chains are supported by kernel is it three or four...? some said 3 some said 4....im very confuse... can someone help me...?
 
Old 10-21-2010, 03:05 AM   #2
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,145
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
IPTABLES: It is a firewall/NAT package.

All packets inspected by iptables pass through a sequence of built-in tables (queues) for processing. Each of these queues is dedicated to a particular type of packet activity and is controlled by an associated packet transformation/filtering chain.

Originally, the most popular firewall/NAT package running on Linux was ipchains, but it had a number of shortcomings. To rectify this, the Netfilter organization decided to create a new product called iptables

There are three tables in total. The first is the mangle table which is responsible for the alteration of quality of service bits in the TCP header. This is hardly used in a home or SOHO environment.

The second table is the filter queue which is responsible for packet filtering. It has three built-in chains in which you can place your firewall policy rules. These are the:

* Forward chain: Filters packets to servers protected by the firewall.
* Input chain: Filters packets destined for the firewall.
* Output chain: Filters packets originating from the firewall.

The third table is the nat queue which is responsible for network address translation. It has two built-in chains; these are:

* Pre-routing chain: NATs packets when the destination address of the packet needs to be changed.
* Post-routing chain: NATs packets when the source address of the packet needs to be changed.
 
Old 10-21-2010, 03:14 AM   #3
sem007
Member
 
Registered: Nov 2006
Distribution: RHEL, CentOS, Debian Lenny, Ubuntu
Posts: 638

Rep: Reputation: 113Reputation: 113
Quote:
Originally Posted by AsySyah View Post
how many firewall chains are supported by kernel is it three or four...? some said 3 some said 4....im very confuse... can someone help me...?
If you are looking default chains, prayag already explain you.

you can verify this by using -L option

Code:
# iptables -t filter -L
# iptables -t nat -L
# iptables -t mangle -L
BTW you can create you own chain with -N options.

Regards,
 
Old 10-24-2010, 11:03 PM   #4
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 377Reputation: 377Reputation: 377Reputation: 377
There's also the raw table.
 
1 members found this post helpful.
Old 10-25-2010, 01:10 AM   #5
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,145
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
Thumbs up

Quote:
Originally Posted by win32sux View Post
There's also the raw table.
Nice!I was not knowing about that.Thanks!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
firewall chains AsySyah Linux - Newbie 1 10-20-2010 11:25 AM
Webmin firewall using ip chains - samba/ip mask trekk Linux - Networking 1 11-12-2005 12:58 AM
IP Chains and Timbuktu Michael Rhoades Linux - Security 1 12-03-2002 06:00 PM
IP chains? Statement Linux - Networking 4 03-11-2002 04:00 PM
ip chains iquadri1 Linux - Networking 0 09-29-2001 03:09 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration