LinuxWorld: Linux firewall survey, Part 1: Open source product roundupOct 09, 2000, 23:53 (1 Talkback[s])
(Other stories by Pawel Leszek)
"Security has always been a critical issue for computer networking, and firewalls are an essential ingredient for network security. In this series, I will show you how Linux offers you freedom of choice in this area. There are many firewall solutions for Linux. Most are open source applications, but some excellent commercial products have been ported to Linux. I'll also show you how the Linux kernel can be used to build a highly integrated hardware firewall."
"Many companies and ISPs use Linux machines as an Internet gateways. These machines often serve as mail, Web, news, or dialup servers. In addition, they also often work as network firewalls, enforcing access control policies between the Internet and corporate networks. That functional flexibility makes Linux an attractive alternative to commercial, proprietary network operating systems."
"The standard firewalling support in the Linux kernel is built upon two components -- ipchains and IP Masquerading. Both features are included in standard kernel distributions. Ipchains is a mechanism for filtering IP packets; its inclusion means that any flavor of Linux can be configured to run as a filtering gateway/firewall almost right out of the box. The second important firewalling component in the kernel is IP Masquerading -- a network address translation (NAT) implementation feature with which you can hide real IP addresses used in an internal network so you can use nonrouting IP addresses in your LAN. If you want to set up IP Masquerading, you will need to use the ipchains command-line tool."