Content added Content deleted
imported>MattisManzel m (Reverted edit of 81.196.233.3, changed back to last version by mutante) |
imported>mutante mNo edit summary |
||
(6 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
== summary == |
|||
http://www.netfilter.org/ |
|||
iptables is the interface to the packet filtering capabilities of the [[Linux]] kernel, [[netfilter]]. |
|||
You use it to create so called [[firewall]]s. |
|||
* http://netfilter.org/ |
|||
* http://netfilter.org/projects/iptables/index.html |
|||
netfilter and iptables are building blocks of a framework inside the Linux 2.4.x and 2.6.x kernel. This framework enables packet filtering, network addresss [and port] translation (NA[P]T) and other packet mangling. It is the re-designed and heavily improved successor of the previous Linux 2.2.x ipchains and Linux 2.0.x ipfwadm systems. |
|||
== manpage == |
|||
netfilter is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack. |
|||
<man>iptables</man> |
|||
iptables is a generic table structure for the definition of rulesets. Each rule within an IP table consists out of a number of classifiers (iptables matches) and one connected action (iptables target). |
|||
{{manpage}} |
|||
netfilter, iptables and the connection tracking as well as the NAT subsystem together build the whole framework. |
|||
Main Features |
|||
== further links == |
|||
* stateless packet filtering (IPv4 and IPv6) |
|||
* stateful packet filtering (IPv4) |
|||
* all kinds of network address and port translation (NAT/NAPT) |
|||
* flexible and extensible infrastructure |
|||
* multiple layers of API's for 3rd party extensions |
|||
* large number of plugins/modules kept in 'patch-o-matic' repository |
|||
⚫ | |||
* [http://www.harry.homelinux.org/modules.php?name=iptables_Generator iptables generator von Harry's Linux-Seite], [http://harry.homelinux.org/modules.php?name=News&file=article&sid=3] |
|||
⚫ | |||
* [http://linuxreviews.org/features/ipv6/iptables/ IPv6 iptables firewall (Linux Reviews)] |
|||
[[Category:Linux]] |
[[Category:Linux]] |
||
[[Category:Programs]] |
|||
[[Category:Networking]] |
|||
[[Category:Security]] |