Security Portal: Using Linux 2.4 Firewalling - Building a Firewall with Netfilter
Feb 19, 2001, 16:32
(Other stories by Jay Beale)
"In my last column, I introduced Netfilter, Linux 2.4's new stateful firewalling package. Now, we'll get to actually building a firewall with Netfilter. While we'll build a Small Office/Home Office (SOHO) firewall script here, this article should be very useful for any environment. This article should be useful for network and system administrators, but also to the home user who wants to secure a network or a single machine. CIO types might find this article too detail-oriented -- they should profit most from the first part of this series, the aforementioned last column. For the rest of you, go get yourself a cup of coffee or a can of Mountain Dew: even a small firewall can be fairly involved."
"This article assumes a basic knowledge of firewalls and protocols. If you don't yet have one, don't despair. I've made a "prerequisite" article on firewall placement, default deny/allow policies, and very basic TCP/IP fundamentals: http://securityportal.com/articles/prereq20010219.html."
"Remember, to filter a service, you usually just need to filter packets with the appropriate source/destination port. If you wanted to block incoming telnet connections, you might block all incoming TCP packets with destination port 23. If you wanted to block your network from making external web connections, you'd block outgoing TCP packets with destination ports 80 (HTTP) and 443 (HTTPS). Other protocols, like FTP, are more complicated - in those cases, you just need to learn a little about the protocol. I'll discuss FTP messiness later in this article. For now, let's get going."
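The port-based rules the excerpt describes, written out as an added example rather than the column's own firewall script: a default-deny iptables rule set for a Linux 2.4 Netfilter host that drops incoming telnet (TCP destination port 23) and outgoing HTTP/HTTPS (TCP destination ports 80 and 443), with a state rule so replies to connections that were allowed still pass. The interface name eth0 and the IPT variable are assumptions; setting IPT=echo prints the commands instead of applying them.

```shell
#!/bin/sh
# Added example (not from the column): the port filters described in the
# excerpt as a small default-deny Netfilter rule set for one host.
# IPT is the iptables binary (assumption: set IPT=echo for a dry run);
# EXT_IF is the external interface, eth0 is a placeholder name.
IPT="${IPT:-iptables}"
EXT_IF="${EXT_IF:-eth0}"

# Remove any rules left in the filter chains before loading ours.
fw_flush() {
    "$IPT" -F INPUT
    "$IPT" -F OUTPUT
}

# Load the rule set. Order matters: Netfilter stops at the first match,
# so the explicit DROPs must come before the rule that accepts new flows.
fw_rules() {
    # Default deny: anything not explicitly accepted below is dropped.
    "$IPT" -P INPUT DROP
    "$IPT" -P OUTPUT DROP
    # Loopback traffic is always allowed.
    "$IPT" -A INPUT -i lo -j ACCEPT
    "$IPT" -A OUTPUT -o lo -j ACCEPT
    # Stateful rule: packets belonging to an already-allowed connection pass,
    # so replies to our outbound connections get back in.
    "$IPT" -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    "$IPT" -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Incoming telnet: TCP packets with destination port 23. Log before
    # dropping so attempts show up in the kernel log.
    "$IPT" -A INPUT -i "$EXT_IF" -p tcp --dport 23 -j LOG --log-prefix "telnet-in: "
    "$IPT" -A INPUT -i "$EXT_IF" -p tcp --dport 23 -j DROP
    # Outgoing web: TCP packets with destination port 80 (HTTP) or 443 (HTTPS).
    "$IPT" -A OUTPUT -o "$EXT_IF" -p tcp --dport 80 -j DROP
    "$IPT" -A OUTPUT -o "$EXT_IF" -p tcp --dport 443 -j DROP
    # Everything else may open new outbound connections (SSH, DNS, mail, ...).
    "$IPT" -A OUTPUT -o "$EXT_IF" -m state --state NEW -j ACCEPT
}

# Show the loaded rules with packet counters, useful to confirm a filter
# is actually matching what you expect.
fw_show() {
    "$IPT" -L -n -v
}
```

Run as root to apply; with IPT=echo the same script just lists the commands it would issue.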