Reasonable filtering rules for Kernel-based Packet Screen

Asked By Willie B Blackwell 0 points N/A Posted on - 04/12/2012

For a kernel-based packet screen, what are the applicable/reasonable filtering rules for these?

• Status: Open
• Question Views: 931
• Answer Count: 1
• Vote Up 0 Vote Down

• Answer Accepted: No
• Question Category: Firewalls

Answered By Gado Cheryl 95 points N/A #130556

Reasonable filtering rules for Kernel-based Packet Screen

For a Kernel based packet screen, there are reasonably four filter rules which can be applied.

I am providing details of four, which are specifically written on Linux for ipfwadm.One is welcome to use these rules/principles on any others for packet screening on open source Unix systems .

The filer rules which can be applied are:

-A

Packet Accounting

-I

Input firewall

-O

Output firewall

-F

Forwarding firewall

Please remember that, ipfwadm also has capabilities of masquerading (-M) . Please look on ipfwadm main page for further information on switches and options.

Check the link- http://l7-filter.sourceforge.net/HOWTO to understand further about rules which can be applied for kernel based packet screen. Also http://www.cs.binghamton.edu/~steflik/cs455/firewalls-faq.html and https://wiki.wireshark.org/Performance can be checked for further understanding as well.

I guess that should get you the things sorted out.

Thanks.

About Gado Cheryl

Questions
1

Answers
191

Best Answers
28

• Vote Up 0 Vote Down

• Posted on - 05/09/2012
• Question Category: Firewalls