PacktLib: Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT and l7-filter

Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and L7-filter

Credits

About the Author

About the Reviewer

Preface

Networking Fundamentals

The OSI Model

The TCP/IP Model

OSI versus TCP/IP

IP Addressing, IP Subnetting, and IP Supernetting

How the Internet Works

Summary

Security Threats

Layer 1 Security Threats

Layer 2 Security Threats

Layer 3 Security Threats

Layer 4 Security Threats

Layer 5, 6, and 7 Security Threats

Summary

Prerequisites: netfilter and iproute2

netfilter/iptables

iproute2 and Traffic Control

Summary

NAT and Packet Mangling with iptables

A Short Introduction to NAT and PAT (NAPT)

NAT Using iptables

Packet Mangling with iptables

Summary

Layer 7 Filtering

When to Use L7-filter

How Does L7-filter Work?

Installing L7-filter

L7-filter Applications

IPP2P: A P2P Match Option

IPP2P versus L7-filter

Summary

Small Networks Case Studies

Linux as SOHO Router

Linux as Router for a Typical Small to Medium Company

Summary

Medium Networks Case Studies

Example 1: A Company with Remote Locations

Example 2: A Typical Small ISP

Summary

Large Networks Case Studies

Thinking Large, Thinking Layered Models

A Real Large Network Example

Summary