Protecting What?

Discussion in 'other firewalls' started by Rico, Oct 26, 2007.

Thread Status:
Not open for further replies.
  1. wat0114

    wat0114 Guest

    Alpha, what does that mean??

    :)

    *EDIT*

    Okay, i Googled and found this...

    ...

    but I still don't know what it means.
     
  2. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    I commend you for googling :thumb: , but I will clear up the matter a bit.

    IPtables is used to make rulesets to tell the firewall what to do, and it controls netfilter which is a set of hooks inside the linux kernel used for packet filtering.

    So basically, iptables just controls a firewall that is built into the linux kernel to put it simply, but when people use the name, they usually refer to everything including iptables, netfilter, NAT, connection tracking, etc.

    That being said, IPtables is THE packet filter used in linux, so you can see that it is probably pretty powerful (wish it was pf, but then all of our wishes cannot come true unfortunately :D ).

    Cheers,

    Alphalutra1
     
  3. wat0114

    wat0114 Guest

    Thanks Alpha. It makes some sense to me now :)
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I was suprised you had not replied before (but,...better things to do, like most should have).

    Implimentations such as "IPtables" within a router, yes, I like such function. But to all users,.. is this not a possible problem as with any software firewall? (on how to config).
    As simple example. We have seen many posts concerning CHX-I. This for me is an excellent SPI packet filter, There are a number of pre-configs available, but, still basically~ understood/unsupported.

    Set and forget/ Yes possible for certain functions. But never a end for most.
     
  5. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Just out of curiousity, I googled "dark side" and came up with a lot of "star wars" references but also found a dark side dot com that provided a good starting point for those looking to venture to the "dark side" in hopes of testing their security set-up. I did this strictly for research purposes!!! roflol
     
  6. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Alpha, i'm pretty sure iptables (was pretty sure ? lol) has two parts, that user space (command line) tool to configure, and the kernel part which does the filtering. Netfilter is something like the framework (i don't have jargon at my disposal, this is as good as it gets :D )

    I remember that i was confused when reading this, and still am a bit. It's not mentioned often.
     
  7. wat0114

    wat0114 Guest

    Out of curiosity I decided to check the user manual of one of D-Link's newest routers using SPI. Here is a quote with their description on how it works:

    D-Link Xtreme N™ Gigabit Router (DIR-655)

    So does this appear to be only partial SPI? It would seem so since it mentions conformance to protocol only.
     
  8. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Direct quote from netfilter.org
    Cheers,

    Alphalutra1
     
  9. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Not sure if you're disagreeing with me. ?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.