From fca59bea770346cf1c1f9b0e00cb48a61b44a8f3 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sun, 25 Oct 2015 21:00:20 +0100 Subject: import of old now defunct presentation slides svn repo --- 2005/netfilter_administration-cluc2005/abstract | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 2005/netfilter_administration-cluc2005/abstract (limited to '2005/netfilter_administration-cluc2005/abstract') diff --git a/2005/netfilter_administration-cluc2005/abstract b/2005/netfilter_administration-cluc2005/abstract new file mode 100644 index 0000000..9643244 --- /dev/null +++ b/2005/netfilter_administration-cluc2005/abstract @@ -0,0 +1,25 @@ +Workshop about netfilter/iptables firewall administration + +Target audience: System and Network Administrators + +Prerequirements: Advanced knowledge about the TCP/IP protocol suite, general +GNU/Linux system adminstration skills. + +Goal: To give an in-depth introduction into the netfilter/iptables subsystem of +the Linux kernel. Given the information in this workshop, the audience should +be able to configure and use netfilter/iptables in an effective way. + +Table of contents: +- The history of the linux packet filter (ipfwadm, ipchains, iptables) +- netfilter: the hooks +- iptables: the packet matching system on top of netfilter + - general structure + - available targets + - available matches +- iptable_filter: Packet filtering +- iptable_mangle: Packet mangling +- ip_conntrack: Connection tracking on top of netfilter +- iptable_nat: Combining netfilter, iptables and ip_conntrack +- Practical examples of typical firewall rulesets +- The 10 commandments of how to break your network (the "don't do" part) +- Lots of time for questions & anwers -- cgit v1.2.3