Firewall info

[bpark]

I'd like to learn how to configure a firewall via IP tables and all the good stuff but I don't much about them. Where can I look find good information for a newbie like myself?

[Dolda2000]

http://www.netfilter.org/ has a lot of good docs on that. After all, they invented it, so I guess they know what they're talking about.

[bpark]

Is there any order that I should read these documents? Are there any prerequisites for these documents?

[Dolda2000]

I guess the best thing would be to read the network concepts howto, the packet filtering howto and then the nat howto, and possibly the netfilter extensions howto, if you think you really need it. The netfilter hacking howto is for hacking the kernel source, so I'll leave it to you to decide whether or not to read that.

Note, however, that the manpage for iptables is also really, really good. I think I learned everything from it. I suggest using "man -t iptables | ggv -" for greater readability, though.

[bpark]

Could you give me an EXACT order of what I should read? I feel that it's important for me to learn this in order. It's also really sad that I have a college degree and Dolda knows soooo much more than I do about computers in general. I feel like the education that I received was a waste.

[Dolda2000]

I'm sorry for making you feel that way. =) But on the other hand, I'm guessing that I have kind of a head start. I've had a computer my entire life, and my dad started teaching me how to program when I was five, and I've been hooked on it ever since. =)

But I'm actually having kind of a hard time determining that. I've never been a really good teacher. But now that I've remembered it, I'd really recommend that you read the iptables man page. I didn't think of it in my first post, but it actually is really good and describes most of it.

[bpark]

Dolda,

Don't feel bad for your talents. I'd probably get my kid to play sports or take up music at an early age. As for computers, I'll probably make him learn that since it's becoming a part of my life.
I didn't touch a computer till my freshman year at college. I didn't really learn about computers until I decided to learn HTML over my sophomore vacation. I didn't know how to program in C until my senior year. That's when I decided that I really wanted to study. Luckily, I was able to graduate.
Anyhow, iptables.. do I need to know detailed info about TCP/IP before reading those manuals on iptables?

[Dolda2000]

I don't think that you need any that detailed information. Of course, it's a good thing to know about IP addresses and subnets and about datagram based communication (ie. you will need to keep in mind that even TCP is transferred over packets), since iptables works by evaluating every individual packet against the rules, even those that are part of an already established TCP connection. Subnet masks are really useful for packet matching, eg. 192.168.0.0/24 matches everything from or to my LAN.
And of course, if there is anything you might wonder about in the manpage, you can just ask back here.

[bpark]

Where can I find a good amount of sources for TCP/IP? I know how the addressing system works but I can't really define what subnet, gateway are. Of course I know how they are used but that's different than knowing how they really work.

[Dolda2000]

Subnets aren't ever used in the protocol, they are pure software contraptions. They are used primarily for pattern matching and for routing. For example, if you set up your IP address to be something with a subnet mask of 255.255.255.0, the standard routing rules will be set up so that only those packets with destination address that match the subnet will be routed without using a gateway. Also, gateways will never route broadcast beyond the subnet where it originated.
So they don't really have an inner working, as you may think. It's not like the IP packets know anything about subnets. They are only configured and used by the kernels on the computers connected to the network, mainly in order to know where to route packets.