I have never used a firewall in linux before, but I am going to be setting one up soon and any recommendations would be appreciated.

Some background: this will be a personal firewall just to protect my pc, although it will be running as a gateway for another computer I don't require any protection for that computer.

I would like to be able to set up these things:

1) Block all incoming ICMP/TCP/UDP except where I have a rule to allow incomming to a particular application, (eg allow tcp:80 in for apache but no other application)

2) Block all outgoing connections from my pc except where I have a rule to allow a particular application access out on a certain port, (eg allow tcp:80 out only for browser - but not for any other application, and allow email out on 25 & 110)

3) Allow full outgoing access for the other computer on my lan.


First question I have is whether iptables is still used in kernel 2.6 or has it been replaced? I don't want to spend time learning how to get that configured if it is now obsolete.

Next question is can iptables achieve the 3 tasks I want to set up.

Finally, what alternative firewalls are there that I should be looking at?

Thanks for your help.

Iptables will be around for a long time --yes 2.6 uses iptables.

By the way; there are many automated tools to help you build great iptables scripts. If you do a search on freshmeat for "firewall generator" you will find many for iptables. One of my favorites.

Have fun



Oh i forgot--- yes iptables will do all 3 and more.

right...