1
00:00:00,00 --> 00:00:04,00
- [Instructor] Netfilter is a built-in Linux firewall.

2
00:00:04,00 --> 00:00:07,01
Every Linux distribution comes with netfilter

3
00:00:07,01 --> 00:00:10,09
because it's part of the Linux kernel.

4
00:00:10,09 --> 00:00:14,06
Iptables is a program built to configure

5
00:00:14,06 --> 00:00:17,02
the netfilter firewall.

6
00:00:17,02 --> 00:00:22,00
Iptables is a command line interface, or CLI, program,

7
00:00:22,00 --> 00:00:24,02
which means that you have to rely

8
00:00:24,02 --> 00:00:29,04
on a Linux terminal program like this to use iptables.

9
00:00:29,04 --> 00:00:34,01
Here is what a basic iptables command looks like.

10
00:00:34,01 --> 00:00:35,09
sudo

11
00:00:35,09 --> 00:00:40,03
iptables,

12
00:00:40,03 --> 00:00:42,02
dash L,

13
00:00:42,02 --> 00:00:44,06
tap Enter.

14
00:00:44,06 --> 00:00:49,02
This command displays the current iptables settings.

15
00:00:49,02 --> 00:00:54,02
If you want to view the manual of the iptables program,

16
00:00:54,02 --> 00:00:59,00
type man iptables.

17
00:00:59,00 --> 00:01:03,06
Press Enter.

18
00:01:03,06 --> 00:01:08,04
Netfilter organizes its ACL, or access control list,

19
00:01:08,04 --> 00:01:10,00
using tables.

20
00:01:10,00 --> 00:01:15,00
An ACL is a collection of accept and deny rules for a firewall,

21
00:01:15,00 --> 00:01:19,01
which is netfilter in our case.

22
00:01:19,01 --> 00:01:23,01
Netfilter tables in turn contain chains

23
00:01:23,01 --> 00:01:26,05
that represent the actual ACL rules.

24
00:01:26,05 --> 00:01:29,02
The default netfilter table is the filter table,

25
00:01:29,02 --> 00:01:35,01
which contains input, forward and output chains.

26
00:01:35,01 --> 00:01:36,07
Netfilter is a powerful tool;

27
00:01:36,07 --> 00:01:41,08
however, the tricky thing is configuration and maintenance.

28
00:01:41,08 --> 00:01:46,06
In this diagram, you can see the netfilter process flow.
29
00:01:46,06 --> 00:01:49,08
It visualizes all the inspection points

30
00:01:49,08 --> 00:01:54,07
a packet goes through when processed by netfilter.

31
00:01:54,07 --> 00:01:58,09
The process starts with pre-routing.

32
00:01:58,09 --> 00:02:02,00
Then, depending on the routing decision,

33
00:02:02,00 --> 00:02:09,02
it's either forwarded or input into a local process,

34
00:02:09,02 --> 00:02:13,07
and then goes to the output inspection point.

35
00:02:13,07 --> 00:02:16,03
Finally, all the packets arrive

36
00:02:16,03 --> 00:02:19,06
at the post-routing inspection point.

37
00:02:19,06 --> 00:02:21,02
There are netfilter built-in tables

38
00:02:21,02 --> 00:02:23,05
other than the filter table,

39
00:02:23,05 --> 00:02:28,06
which has input, forward and output chains.

40
00:02:28,06 --> 00:02:32,08
For example, network address translation, or nat,

41
00:02:32,08 --> 00:02:36,00
is another netfilter table.

42
00:02:36,00 --> 00:02:42,03
Nat contains output, pre-routing and post-routing chains.

43
00:02:42,03 --> 00:02:47,00
The mangle table is used to manipulate packets.

44
00:02:47,00 --> 00:02:50,06
Netfilter and iptables provide a foundation

45
00:02:50,06 --> 00:02:53,00
for Linux firewalls.

46
00:02:53,00 --> 00:02:56,02
If you can configure netfilter through iptables,

47
00:02:56,02 --> 00:02:59,04
you should be able to set up any other firewall products

48
00:02:59,04 --> 00:03:00,00
out there.