IPTables-Tutorial

A closer look at the ideas and approaches gleaned from Oskar Andreasson's IPTables-Tutorial is warranted. His tutorial influenced the direction of the Easy Firewall Generator more than any other single work. That's not surprising. The IPTables-Tutorial was one of the first works produced after the original netfilter HOWTOs. It has significantly impacted many subsequent works.

The three most significant influences on Easy Firewall Generator are listed below.

• The basic idea of using separate chains for each type of packet is presented in the iptables-tutorial. This generator does not implement it exactly the same way and further applies the concept to outbound packets traversing the FORWARD chain, but the iptables-tutorial is the original source of the idea.
• The idea of dropping NEW tcp packets that are not flagged as SYN packets is one I found only in the iptables-tutorial. Although I altered the manner in which it was invoked, I incorporated the general concept into this generator.
• The style of writing and organizing iptables rules used in the iptables-tutorial is, in my opinion, the clearest and easiest to read of all the styles I've seen. As such, I adopted that style for use in this generator.

If you have questions or issues with iptables that are not addressed by this generator, the IPTables-Tutorial is the best starting point for additional research. A link to it is maintained in the Resources page.

Close Window