SearchEnterpriseLinux: Netfilter and iptables: Understanding How they Harden Linux
Aug 11, 2005, 07:00
[ Thanks to AKucharik for this link. ]
"What is netfilter?
"James Turnbull: Netfilter is a framework that
hooks into the network stack to allow the manipulation and
processing of network packets. It consists of two major components.
The first component, netfilter, provides the hooks into the network
stack to allow actions to be performed on the packets that traverse
the stack. These actions are defined in the form of rules. The
second component is iptables, which is a generic table structure
for the rules and rulesets used by netfilter. The user space tool
used to set these rules is also called iptables..."