Workshop about netfilter/iptables firewall administration
Target audience: System and Network Administrators
Prerequisites: Advanced knowledge of the TCP/IP protocol suite, general
GNU/Linux system administration skills.
Goal: To give an in-depth introduction to the netfilter/iptables subsystem of
the Linux kernel. Given the information in this workshop, the audience should
be able to configure and use netfilter/iptables in an effective way.
Table of contents:
- The history of the Linux packet filter (ipfwadm, ipchains, iptables)
- netfilter: the hooks
- iptables: the packet matching system on top of netfilter
  - general structure
  - available targets
  - available matches
- iptable_filter: Packet filtering
- iptable_mangle: Packet mangling
- ip_conntrack: Connection tracking on top of netfilter
- iptable_nat: Combining netfilter, iptables and ip_conntrack
- Practical examples of typical firewall rulesets
- The 10 commandments of how to break your network (the "don't do" part)
- Lots of time for questions & answers