The netfilter framework in Linux 2.4
Linux 2.4 provides a sophisticated infrastructure, called netfilter, which is the basis for packet filtering, network address translation and packet mangling.
The whole firewalling implementation has been rewritten from scratch.
Netfilter is a clean, abstract and well-defined interface to the network stack. Its modular design makes it easy to extend.
The presentation covers the following topics:
- Netfilter concepts
- Infrastructure provided by the network stack
- IP tables
- Packet filtering
- The builtin matches and targets
- Stateful Firewalling (Connection Tracking)
- Network address translation
- Source NAT, destination NAT, Masquerading, transparent proxying
- Packet mangling
- Queuing packets to userspace
- Current work / Future / Netfilter-related projects
Harald Welte <laforge@gnumonks.org>