Posts

Showing posts from March, 2009

shorewall 101

Starting with shorewall

Shorewall is a high-level firewall solution that uses iptables internally.

* shorewall intro
* quickstart guide for standalone firewall
* shorewall configuration files
* shorewall setup guide: in-depth guide to setting up a shorewall environment
* operating shorewall

Basic Configuration

Config files are in /etc/shorewall. The main ones are:

* shorewall.conf: general server behaviour parameters
* zones: list of configured zones (default: 'net' + 'fw') from/to which packets can travel
* interfaces: associates zones with network interfaces (e.g. 'net' -> eth0)
* policy: default policy for connections from one zone to another (e.g. "net all DROP $LOG", "fw all ACCEPT $LOG", "all all REJECT $LOG"); policies are matched top to bottom, first match wins
* rules: exceptions to default policies (e.g. "ACCEPT net fw tcp 80" where 'ACCEPT' is the action, 'net' is the source zone, 'fw' is the destination zone, 'tcp' the protoc...
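As an added example (not code from the post or from the shorewall project), here is the zones/interfaces/policy/rules set for the standalone host the post describes, written to a scratch directory so it can be reviewed before being copied to /etc/shorewall, plus a small first-match lookup that shows why the order of the policy lines matters. The interface name eth0, the 'info' log level, and the decision to expose only SSH (tcp/22) to the 'net' zone are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not code from the original post: the four main config files
# for a standalone host, written to a scratch directory so they can be reviewed
# with 'shorewall check' before being copied into /etc/shorewall.
# Assumptions (not from the post): the Internet-facing interface is eth0 and
# only SSH (tcp/22) should be reachable from the 'net' zone.

write_shorewall_config() {
    dir="$1"
    mkdir -p "$dir"

    # zones: 'fw' is the firewall host itself, 'net' everything on the wire
    cat > "$dir/zones" <<'EOF'
#ZONE   TYPE
fw      firewall
net     ipv4
EOF

    # interfaces: bind the 'net' zone to eth0. tcpflags/nosmurfs reject
    # malformed flag combinations and broadcast-sourced packets up front.
    cat > "$dir/interfaces" <<'EOF'
#ZONE   INTERFACE   BROADCAST   OPTIONS
net     eth0        detect      tcpflags,nosmurfs
EOF

    # policy: evaluated top to bottom, first match wins, so the specific
    # "net -> anything: DROP" must precede the catch-all REJECT. The last
    # column is the syslog level for policy hits.
    cat > "$dir/policy" <<'EOF'
#SOURCE DEST    POLICY  LOG LEVEL
fw      net     ACCEPT
net     all     DROP    info
all     all     REJECT  info
EOF

    # rules: exceptions checked before the policies above
    cat > "$dir/rules" <<'EOF'
#ACTION SOURCE  DEST    PROTO   DEST PORT(S)
ACCEPT  net     fw      tcp     22
EOF
}

# First-match lookup of the policy applying to SRC -> DST, mirroring how
# shorewall resolves the policy file: 'all' in either column matches any zone.
policy_for() {
    src="$1"; dst="$2"; file="$3"
    grep -v '^#' "$file" | while read -r s d p _; do
        [ -z "$s" ] && continue
        if { [ "$s" = "$src" ] || [ "$s" = "all" ]; } &&
           { [ "$d" = "$dst" ] || [ "$d" = "all" ]; }; then
            printf '%s\n' "$p"
            break
        fi
    done
}

write_shorewall_config ./shorewall-draft
policy_for net fw ./shorewall-draft/policy   # DROP: matched by "net all DROP"
```

Swap the two middle policy lines and `policy_for net fw` becomes REJECT, which answers every unsolicited probe with an ICMP error instead of silence; that is the kind of mistake `shorewall check` will not catch, because the file is still syntactically valid. Once the files are in /etc/shorewall, `shorewall check` validates them and `shorewall start` compiles and loads them.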

iptables commands

Here, we'll show some examples of common iptables commands. See iptables 101 for more background info. See the manpage for an overview of all commands. See also:
http://involution.com/iptables_demo/
https://help.ubuntu.com/community/IptablesHowTo
http://varsecurity.blogspot.com/2009/03/iptables-tutorial.html

Appending rules

* Allow tcp traffic on port 8008 (rule is part of the INPUT chain):
  -A INPUT -p tcp --dport 8008 -j ACCEPT
* Allow all UDP traffic on ports 5432-5435:
  -A INPUT -p udp -m multiport --dports 5432,5433,5434,5435 -j ACCEPT
* Allow packets that have ESTABLISHED or RELATED state:
  -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Adding / Deleting chains

* Add a new chain 'mychain':
  -N mychain
* Make 'mychain' branch off from the INPUT chain (append, or insert as rule nr X):
  -A INPUT -j mychain
  -I INPUT 2 -j mychain

Whenever you jump to a custom chain, the packet will first pass through the rules in the custom chain ('mychain'), then continue down the...
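Added example, not code from the post: the same rules assembled into one iptables-restore file rather than issued one `iptables` command at a time. Loading a file with `iptables-restore` replaces the table atomically, and `iptables-restore --test` parses it without touching the kernel, so the rule order (the ESTABLISHED,RELATED rule first, the custom chain next, a logged DROP last) can be checked before it is live. The ports and the chain name come from the post; the management network 10.0.0.0/24, the loopback rule and the log prefix are assumptions. The post's `-m state` still works as an alias, but the example uses the current `-m conntrack --ctstate` spelling.

```shell
#!/bin/sh
# Added example, not from the original post: build a complete filter-table
# ruleset in iptables-restore format instead of issuing one iptables command
# at a time. Ports 22, 8008, 5432-5435 and the chain name 'mychain' mirror
# the post; the management network 10.0.0.0/24 is an assumption.

gen_filter_rules() {
    cat <<'EOF'
*filter
# Default policies: anything not explicitly accepted on INPUT is dropped.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Custom chain for service rules; ':name - [0:0]' creates it (iptables -N).
:mychain - [0:0]
# Loopback and replies to our own connections first: these rules see the
# bulk of the traffic and keep an existing SSH session alive while loading.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Drop what conntrack cannot classify as new or part of a flow.
-A INPUT -m conntrack --ctstate INVALID -j DROP
# Hand new connections to the custom chain (iptables -A INPUT -j mychain).
-A INPUT -j mychain
# A packet mychain does not accept comes back here, is logged, then hits
# the chain's DROP policy.
-A INPUT -j LOG --log-prefix "INPUT-DROP: " --log-level 4
# mychain: tcp 8008, udp 5432-5435 as a multiport range, ssh from mgmt only.
-A mychain -p tcp --dport 8008 -j ACCEPT
-A mychain -p udp -m multiport --dports 5432:5435 -j ACCEPT
-A mychain -s 10.0.0.0/24 -p tcp --dport 22 -j ACCEPT
-A mychain -j RETURN
COMMIT
EOF
}

# Number of rules in CHAIN in the generated ruleset (what 'iptables -S CHAIN'
# would list once loaded), handy for asserting on the layout.
rules_in_chain() {
    gen_filter_rules | grep -c "^-A $1 "
}

# The Nth rule of the whole ruleset, for checking ordering: first match wins.
nth_rule() {
    gen_filter_rules | grep '^-A' | sed -n "${1}p"
}

gen_filter_rules
```

Usage on a real host: `gen_filter_rules > rules.v4 && iptables-restore --test < rules.v4 && iptables-restore < rules.v4`. The explicit `-j RETURN` at the end of mychain is what the post's "then continue down the INPUT chain" looks like when spelled out; an empty-handed custom chain returns implicitly anyway, so the only observable difference is readability.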

shorewall vs iptables

Shorewall to iptables

On startup, shorewall translates its configuration into a set of iptables rules and loads them. You can see the contents of /var/lib/shorewall/.reload for the nitty-gritty details of how this is done. This article tries to provide a basic overview of how a shorewall configuration results in iptables chains and rules. In a follow-up, we'll try to discover how you can mix a shorewall configuration with dynamically added iptables rules.

The translation is governed by some basic principles. For instance, a separate chain is created for every transition of traffic from one zone to another or to all. By convention, these chains are called "{zone_name}2{zone_name}", where {zone_name} may be one of the zones or "all". For instance, the chain that contains the rules for the transition from "net" to "fw" will be called "net2fw". To show the translation from shorewall zones into iptables chains we'll use the configurat...

a sixth sense

Some cool MIT tech

iptables 101

Intro

Netfilter is the framework compiled into the kernel that provides hooks into the IP stack which loadable modules can use to perform operations on packets. The implementation is split into two parts: the kernel portion, known as Netfilter, and the userland tool that talks to Netfilter and creates the rulesets, iptables.

Concepts

Tables

A table is basically a collection of chains. There are 3 tables of concern: filter, nat and mangle (raw and security also exist, but are rarely needed). All tables have the opportunity to handle a packet (via their chains) as it goes through the firewall, each at a different stage. See the 3rd video in the "Mastering IPTables" series below for details about the way a packet traverses the different tables and chains. The nat table performs network address translation. Its built-in chains are PREROUTING, POSTROUTING and OUTPUT (kernels from 2.6.34 on add INPUT as well). The mangle table is used to change packet properties; unlike nat it has all five built-in chains (PREROUTING, INPUT, FORWARD, OUTPUT, POSTROUTING). The filter table is used to filter...
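Added example serving both the "shorewall vs iptables" and the "iptables 101" posts above; it is not code from either post or from shorewall. The listing in `sample_dump` is a constructed iptables-save output modelled on the chain layout shorewall generates for the net/fw setup: the built-in chains of each table, one chain per interface (eth0_in) and one per zone transition (net2fw, fw2net, all2all). A real dump contains more chains than this, and shorewall releases from 4.4 onward name the zone chains net-fw rather than net2fw; the regex below accepts both. The functions list the chains per table and follow the jumps a packet takes from a built-in chain into the zone chain, which is where a hand-inserted `iptables -I net2fw 1 ...` rule would land (and where it disappears again on the next `shorewall restart`, since the chains are rebuilt).

```shell
#!/bin/sh
# Added example, not from either post. sample_dump is a CONSTRUCTED
# iptables-save listing modelled on what shorewall generates for the net/fw
# setup in the posts: built-in chains per table, one chain per interface
# (eth0_in) and one per zone transition (net2fw, fw2net, all2all). A real
# dump has more chains; the layout is what matters here.

sample_dump() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:all2all - [0:0]
:eth0_in - [0:0]
:fw2net - [0:0]
:net2fw - [0:0]
-A INPUT -i eth0 -j eth0_in
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o eth0 -j fw2net
-A eth0_in -j net2fw
-A fw2net -m state --state ESTABLISHED,RELATED -j ACCEPT
-A fw2net -j ACCEPT
-A net2fw -m state --state ESTABLISHED,RELATED -j ACCEPT
-A net2fw -p tcp -m tcp --dport 22 -j ACCEPT
-A net2fw -j LOG --log-prefix "Shorewall:net2fw:DROP:"
-A net2fw -j DROP
COMMIT
EOF
}

# Chains declared in TABLE (filter, nat, mangle). Built-in chains carry a
# policy (ACCEPT/DROP); user-defined ones are declared with '-'.
chains_in_table() {
    sample_dump | awk -v t="*$1" '
        $0 == t      { in_t = 1; next }
        /^COMMIT$/   { in_t = 0 }
        in_t && /^:/ { sub(/^:/, ""); print $1 }'
}

# User-defined chains of the filter table (policy column is '-').
user_chains() {
    sample_dump | awk '
        /^\*filter$/ { f = 1; next }
        /^COMMIT$/   { f = 0 }
        f && /^:/ && $2 == "-" { sub(/^:/, ""); print $1 }'
}

# The zone-to-zone chains: shorewall names them SRC2DST (SRC-DST from
# release 4.4 on), where either side may be 'all'.
zone_chains() {
    user_chains | grep -E '^[a-z0-9]+(2|-)[a-z0-9]+$'
}

# First rule in CHAIN that jumps to a user-defined chain; prints its target.
next_user_chain() {
    sample_dump | awk -v c="$1" -v u="$(user_chains)" '
        BEGIN { n = split(u, a, "\n"); for (i = 1; i <= n; i++) is_user[a[i]] = 1 }
        $1 == "-A" && $2 == c {
            for (i = 3; i < NF; i++)
                if ($i == "-j" && is_user[$(i + 1)]) { print $(i + 1); exit }
        }'
}

# Follow those jumps from a built-in chain, e.g. INPUT -> eth0_in -> net2fw:
# the interface chain selects the zone, the zone chain holds rules and policy.
jump_path() {
    chain="$1"; path="$chain"
    while next=$(next_user_chain "$chain") && [ -n "$next" ]; do
        chain="$next"; path="$path -> $chain"
    done
    printf '%s\n' "$path"
}

jump_path INPUT      # INPUT -> eth0_in -> net2fw
zone_chains          # all2all, fw2net, net2fw, one per line
```

To run the same functions against a live box, replace the body of `sample_dump` with `iptables-save` (as root); nothing else in the block depends on the constructed data.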

multimedia in the Semantic Web

Tracking the Progress of Multimedia Semantics - from MPEG-7 to Web 3.0 Presentation about archiving standards in the semantic web. Some parts need some ffwd, but overall view is interesting.

streaminglearningcenter

all about streaming video