summaryrefslogtreecommitdiff
path: root/netfilter/abstract
blob: 152889ab7e8c6bcb6ea1f3c934cb369cd03ce237 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
The netfilter framework in Linux 2.4

Linux 2.4 provides a sophisticated infrastructure, called netfilter, which is the basis for packet filtering, network address translation and packet mangling.

The whole firewalling implementation has been rewritten from scratch. 

Netfilter is a clean, abstract and well-defined interface to the network stack. It is easily extendable due to its modular concept.

The presentation covers the following topics:

- Netfilter concepts
	- Infrastructure provided by the network stack
	- IP tables 
- Packet filtering
	- The builtin matches and targets
	- Stateful Firewalling (Connection Tracking)
- Network address translation 
	- Source NAT, destination NAT, Masquerading, transparent proxying
- Packet mangling
- Queuing packets to userspace
- Current work / Future / Netfilter-related projects

Harald Welte <laforge@gnumonks.org>
personal git repositories of Harald Welte. Your mileage may vary