“The reason for firewalling is obvious: We want to protect
our computer from unwanted vistors, whether they are malicious or
just curious. Firewalls are merely a set a rules that
determine what we do with any given packet of information going to
or coming from another computer on a network: allow it to proceed,
return it with an error message, or drop it entirely.”
“My home Linux boxes, for example, provide a number of services
to my home network: telnet connections, network drive sharing via
NFS and Samba, an FTP server, and a MySQL database server. I
occasionally want to connect to the Internet, but I don’t really
want folks out there on the Net snooping around those services.
Instead of shutting down all my network services every time I fire
up the modem, I’ve written a set of firewall rules that (hopefully)
keep unwanted visitors away….”
“In many ways, iptables behaves like the older ipchains. They
both use the criteria listed above to inspect IP packets to see if
they should be allowed into, out of, or through your machine. Both
are based on the concept of rule chains, which are essentially a
series of inspection rules. Finally, both have three default
chains….”