Linux Networking

  1. Network Security and Packet Filtering
    1. Firewall Concepts
      1. Packet Filtering Principles
        1. Filtering Criteria
        2. Ingress vs Egress Filtering
        3. Default Policies
      2. Firewall Types
        1. Stateful Firewalls
        2. Stateless Firewalls
        3. Application Layer Firewalls
      3. Network Address Translation (NAT)
        1. Source NAT (SNAT)
        2. Destination NAT (DNAT)
        3. Port Address Translation (PAT)
        4. Masquerading
    2. iptables Framework
      1. iptables Architecture
        1. Netfilter Framework
        2. Tables and Chains Concept
      2. iptables Tables
        1. filter Table
          1. INPUT Chain
          2. OUTPUT Chain
          3. FORWARD Chain
        2. nat Table
          1. PREROUTING Chain
          2. POSTROUTING Chain
          3. OUTPUT Chain
        3. mangle Table
          1. Packet Modification
          2. Quality of Service
        4. raw Table
          1. Connection Tracking Bypass
      3. iptables Rules
        1. Rule Syntax and Structure
        2. Match Criteria
        3. Target Actions
          1. ACCEPT Target
          2. DROP Target
          3. REJECT Target
          4. LOG Target
          5. SNAT Target
          6. DNAT Target
          7. MASQUERADE Target
      4. iptables Management
        1. Rule Addition and Deletion
        2. Rule Ordering and Priorities
        3. Saving and Restoring Rules
        4. Making Rules Persistent
    3. nftables Framework
      1. nftables Introduction
        1. Motivation and Benefits
        2. Comparison with iptables
      2. nftables Architecture
        1. Tables, Chains, and Rules
        2. Rule Evaluation Process
      3. nft Command Usage
        1. Basic Syntax
        2. Table Management
        3. Chain Management
        4. Rule Management
      4. Advanced nftables Features
        1. Sets and Maps
        2. Variables and Includes
        3. Scripting Support
    4. High-Level Firewall Tools
      1. firewalld
        1. Zone-Based Configuration
        2. Service Definitions
        3. Runtime vs Permanent Configuration
        4. Rich Rules
        5. Integration with Backend
      2. ufw (Uncomplicated Firewall)
        1. Basic Usage and Syntax
        2. Application Profiles
        3. Logging Configuration
        4. Status and Management
    5. SELinux and AppArmor Network Security
      1. Mandatory Access Control Overview
      2. SELinux Network Controls
        1. Port Labeling
        2. Network Object Classes
        3. Boolean Settings
      3. AppArmor Network Controls
        1. Network Rules
        2. Profile Configuration
      4. Troubleshooting Access Denials