[SATLUG] network+ training near san antonio

Bruce Dubbs bruce.dubbs at gmail.com
Mon Dec 3 11:38:42 CST 2007


Leif Johnson wrote:
> 
> I did a few Skillpath / Compumaster classes. Not too bad, but kind of
> costly. Anyone interested in teaching a full day of IPTABLES training in
> SA in April? Boy could I use that!

iptables is not that hard.  Ultimately, it comes down to doing one of
three things with a packet: ACCEPT, REJECT, or DROP and the use of
REJECT is rare.  The real issue is knowing what to drop and what to accept.

You do also have to have a fairly good knowledge of the internet
protocols at the link, ip, and tcp layers to match the packets you
decide to ACCEPT or DROP.  Probably 90% of the time you only need to
know -s, -d, and -p (source IP, destination IP, and protocol).

There are other things too like masquerading/address translation or
accounting/logging, but those issues are not that common.  Simple
masquerading is a one liner.

There are some good tutorials at
http://www.netfilter.org/documentation/index.html#documentation-howto

  -- Bruce


More information about the SATLUG mailing list