Workshop about netfilter/iptables firewall administration

Target audience: System and Network Administrators

Prerequisites: Advanced knowledge about the TCP/IP protocol suite, general
GNU/Linux system administration skills.

Goal: To give an in-depth introduction to the netfilter/iptables subsystem of
the Linux kernel. Given the information in this workshop, the audience should
be able to configure and use netfilter/iptables in an effective way.

Table of contents:
- The history of the Linux packet filter (ipfwadm, ipchains, iptables)
- netfilter: the hooks
- iptables: the packet matching system on top of netfilter
  - general structure
  - available targets
  - available matches
- iptable_filter: Packet filtering
- iptable_mangle: Packet mangling
- ip_conntrack: Connection tracking on top of netfilter
- iptable_nat: Combining netfilter, iptables and ip_conntrack
- Practical examples of typical firewall rulesets
- The 10 commandments of how to break your network (the "don't do" part)
- Lots of time for questions & answers