Mastering IPTables, Part I

This has to be one of the most comprehensible tutorial on iptables i've seen anywhere. Thank you for shining the light on this subject. Looking forward to wacth your future vids.

The blue letters are comments, they're not needed.

I understand that - Input Chain match packets wich destination is the Firewall itself and OUTSIDE Chain match packets that were originated inside of the Firewall, Forward chain is for packets that pass through it.

INPUT through firewall?????? What?? OUTPUT through FIREWALL??? Forward through other host??? NONONONONONONONON PLease d´ont help us!!!!!

lol i found a neat book,
amazon* c o m/Linux-Firewalls-Detection-Re sponse-iptables/dp/1593271417/ ref=sr_1_1?ie=UTF8&s=books&qid =1242065650&sr=1-1

input = Dest. Firewall
output = Source Firewall
Forward = through firewall

fascinating.

/me bookmarks

why don't you just do IPTABLES=`which iptables` instead of using whereis? This way is more portable too.

That would be a potential security hole, especially if someone is able to manipulate the system path and place another "iptables" executable somewhere else on your system that gets run instead. You always explicitly declare your paths for maximum safety.

If someone would have access to my machine and be able to change the path of iptables which would mean that the intruder probably has root access to my machine, I think that would mean I'm already screwed and the intruder can do whatever he wants. An absolute path wouldn't help at all.