
7.4. Firewall or Packet Filtering


A firewall is a piece of computer equipment with hardware, software, or both that parses the incoming or outgoing network packets (coming to or leaving from a local network) and only lets through those matching certain predefined conditions.

A filtering network gateway is a type of firewall that protects an entire network. It is usually installed on a dedicated machine configured as a gateway for the network so that it can parse all packets that pass in and out of the network. Alternatively, a local firewall is a software service that runs on one particular machine in order to filter or limit access to some services on that machine, or possibly to prevent outgoing connections by rogue software that a user could, willingly or not, have installed.



The Linux kernel embeds the netfilter firewall. There is no turn-key solution for configuring any firewall since network and user requirements differ. However, you can control netfilter from user space with the iptables and ip6tables commands. The difference between these two commands is that the former works for IPv4 networks, whereas the latter works on IPv6. Since both network protocol stacks will probably be around for many years, both tools will need to be used in parallel. You can also use the excellent GUI-based fwbuilder tool, which provides a graphical representation of the filtering rules.
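Because the two rule sets are maintained separately, it is worth checking that a restrictive IPv4 policy has an IPv6 counterpart. The following shell functions are an added example, not part of the original text: they compare the filter-table chain policies in an iptables-save dump with those in an ip6tables-save dump. The function names and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: find chains where IPv6 filtering is weaker than IPv4.

# Read iptables-save format text on stdin and print "CHAIN POLICY" for each
# built-in chain of the filter table.
filter_policies() {
    awk '
        /^\*/     { table = substr($0, 2) }   # "*filter" opens a table section
        /^COMMIT/ { table = "" }
        # ":INPUT DROP [0:0]" declares a chain; policy "-" marks a user chain
        table == "filter" && /^:/ && $2 != "-" { print substr($1, 2), $2 }
    '
}

# $1 = iptables-save text, $2 = ip6tables-save text.
# Print one line per chain that IPv4 restricts but IPv6 leaves at ACCEPT.
policy_gaps() {
    v6=$(printf '%s\n' "$2" | filter_policies)
    printf '%s\n' "$1" | filter_policies | while read -r chain pol4; do
        pol6=$(printf '%s\n' "$v6" | awk -v c="$chain" '$1 == c { print $2 }')
        # Assumption: a chain absent from the IPv6 dump has no rules loaded,
        # so traffic through it is accepted.
        [ -n "$pol6" ] || pol6=ACCEPT
        if [ "$pol4" != ACCEPT ] && [ "$pol6" = ACCEPT ]; then
            echo "$chain: IPv4=$pol4 IPv6=$pol6"
        fi
    done
}

# Constructed sample dumps (not captured from a real host).
SAMPLE_V4='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'
SAMPLE_V6='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# On a live host (as root): policy_gaps "$(iptables-save)" "$(ip6tables-save)"
policy_gaps "$SAMPLE_V4" "$SAMPLE_V6"
```
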

However you decide to configure it, netfilter is Linux’s firewall implementation, so let’s take a closer look at how it works.