Additional Resources

Refer to the following sources for additional information on packet filtering with iptables.

"Firewalls" - Contains a chapter about the role of firewalls within an overall security strategy as well as strategies for constructing firewall rules.

Installed Documentation

man iptables - Contains a description of iptables as well as a comprehensive list of targets, options, and match extensions.

Useful Websites

http://www.netfilter.org/ - The home of the netfilter/iptables project. Contains assorted information about iptables, including a FAQ addressing specific problems and various helpful guides by Rusty Russell, the Linux IP firewall maintainer. The HOWTO documents on the site cover subjects such as basic networking concepts, kernel packet filtering, and NAT configurations.

http://www.linuxnewbie.org/nhf/Security/IPtables_Basics.html - An introduction to the way packets move through the Linux kernel, plus an introduction to constructing basic iptables commands.

^[14] Since system BIOSes differ between manufacturers, some may not support password protection of either type, while others may support one type but not the other.

^[15] GRUB also accepts unencrypted passwords, but it is recommended that an MD5 hash be used for added security.

^[16] This access is still subject to the restrictions imposed by SELinux, if it is enabled.

^[17] A system where both the client and the server share a common key that is used to encrypt and decrypt network communication.