iptables - antispoof and modulated states?
Hello.
I've had some recent experience with OpenBSD and its respective Packet Filter, pf, and have really enjoyed the amount of power it offers. In particular, the fact that it is capable of creating an antispoof firewall rule very easily as well as modulating TCP state information for security and OS obfuscation.
Now I am trying to move back into Linux for my firewalling needs since I want to have as few machines on my network as possible, and one Linux box could serve as a firewall as well as other needs that Linux does quite well. However, I am not seeing (or am perhaps just missing) the information on how to create a simple antispoofing rule for my LAN, as well as some of the more interesting security features like modulated state that OpenBSD offers...
Can anyone advise on where to look to find out if/how these features can be utilized, or is that not a feature of iptables? Links to primers for iptables as well as links to good higher end security information on iptables, perhaps even extensions or plug-ins for the application, would be greatly appreciated!
Thanks in advance.