Chapter 2. Just a bit of Theory

Table of Contents

What can a firewall do?
A Note about Security in general
IPTables basics
Rules
Chains
Tables

What can a firewall do?

As firewalling is a really complex topic, I'd like to give you a brief introduction to what firewalls are and how IPTables firewalls work.

When asked what a firewall is, most people would say “firewalls just restrict the network traffic”, but a modern firewall has more to do than just restricting traffic, although that is of course its main task.

You can filter by looking at the packet headers, which store information about where the packet comes from, which protocol is used, and so on.

The filtering possibilities provided by IPTables are very powerful, so it is even possible to only let packets in that are known to belong to a connection you have made yourself. This technology is called “Connection Tracking” or “Stateful Packet Filtering”.

The second important feature a firewall has to provide is the possibility to log the network traffic. This is a much more important part than you may think, because log files give you a good view of the activities in your network, such as who did what and when.

Logs are also really important when the firewall has been cracked and you want to know how. In that case you would have a much harder time if you hadn't activated the logging functions, because they let you see what has happened and how the configuration can be improved.

Most people think of firewalls as just being used to block traffic from the Internet to your host, but you may also configure your firewall to restrict Internet access. For example, you may block some well-known porn sites on your children's PC, or you may want to allow only e-mail and Web browsing in your office but not let your employees download files via FTP.
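The three features described above (header-based filtering, connection tracking, logging, and restricting outbound access) in one minimal ruleset, as an added example that is not part of the original tutorial. It is written in iptables-restore format and emitted by a pure shell function, so it can be read and checked without root; the interface name eth0, the LAN network 192.168.1.0/24 and the allowed ports are placeholder assumptions, not values from the document.

```shell
#!/bin/sh
# Added example for this chapter (not from the original document):
# a minimal stateful IPTables ruleset in iptables-restore format.
# Assumptions (placeholders): eth0 faces the Internet, the host offers
# SSH on port 22, and the LAN behind it is 192.168.1.0/24.

WAN_IF="${WAN_IF:-eth0}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"

# Emit the ruleset on stdout. No root needed to generate or inspect it;
# pipe it into iptables-restore to apply it.
build_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
# Connection tracking: let in replies to connections we opened ourselves,
# and anything conntrack already knows about (ESTABLISHED/RELATED).
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# Header-based filtering: only NEW TCP connections to port 22 are allowed in.
-A INPUT -i ${WAN_IF} -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# Everything else is logged, then dropped.
-A INPUT -j LOGDROP
# Restricting Internet access for the LAN: web and e-mail are allowed
# out, FTP (TCP 21) is not.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s ${LAN_NET} -o ${WAN_IF} -p tcp -m multiport --dports 80,443,25,143,993 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -s ${LAN_NET} -o ${WAN_IF} -p tcp --dport 21 -j LOGDROP
-A FORWARD -j LOGDROP
# LOGDROP: write a tagged, rate-limited line to the kernel log, then drop,
# so the logs show what was refused without being flooded.
-A LOGDROP -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "iptables-drop: " --log-level 4
-A LOGDROP -j DROP
COMMIT
EOF
}

# Does the generated ruleset contain the given rule text (fixed string)?
has_rule() {
    build_ruleset | grep -Fq -- "$1"
}

# How many rules (-A lines) does the ruleset define?
rule_count() {
    build_ruleset | grep -c '^-A'
}

if [ "${1:-}" = "--apply" ]; then
    build_ruleset | iptables-restore     # needs root and the netfilter modules
else
    build_ruleset                        # dry run: just print the ruleset
fi
```

Run it without arguments to review the generated policy, and with `--apply` (as root) to load it. The default policies are DROP for INPUT and FORWARD, so anything not explicitly accepted ends up in the LOGDROP chain and appears in the kernel log with the "iptables-drop: " prefix, which is exactly the trail you want when you later need to work out what happened.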

All the things described are really easy to implement with IPTables once you have understood how it works. Please read carefully through the next few chapters to learn how to use this program efficiently to set up a firewall for your PC or network.