“Security has always been a critical issue for computer
networking, and firewalls are an essential ingredient for network
security. In this series, I will show you how Linux offers you
freedom of choice in this area. There are many firewall solutions
for Linux. Most are open source applications, but some excellent
commercial products have been ported to Linux. I’ll also show you
how the Linux kernel can be used to build a highly integrated
hardware firewall.”
“Many companies and ISPs use Linux machines as an Internet
gateways. These machines often serve as mail, Web, news, or dialup
servers. In addition, they also often work as network firewalls,
enforcing access control policies between the Internet and
corporate networks. That functional flexibility makes Linux an
attractive alternative to commercial, proprietary network operating
systems.”
“The standard firewalling support in the Linux kernel is
built upon two components — ipchains and IP Masquerading. Both
features are included in standard kernel distributions.
Ipchains is a mechanism for filtering IP packets; its inclusion
means that any flavor of Linux can be configured to run as a
filtering gateway/firewall almost right out of the box. The second
important firewalling component in the kernel is IP Masquerading —
a network address translation (NAT) implementation feature with
which you can hide real IP addresses used in an internal network so
you can use nonrouting IP addresses in your LAN. If you want to set
up IP Masquerading, you will need to use the ipchains command-line
tool.”