Kernel Korner - The Hidden Treasures of iptables

With these powerful add-ons for iptables you can match strings or port ranges in iptables rules or even create a tar pit for network abusers.
Acknowledgement

To Jane Lowth for drawing the figures of Tux.

Chris Lowth works as a consultant for Intercai Mondiale (www.intercai.co.uk), a UK-based telecommunications, IT and business consultancy. He designs security software and network management (OSS) solutions and attempts to play the guitar. Chris can be contacted at chris@lowth.com.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

awsome

Anonymous's picture

great information, thanks alot.

Xtables-addons is the successor to patch-o-matic(-ng)

Danny Rawlins's picture

Xtables-addons is the successor to patch-o-matic(-ng). Likewise, it contains extensions that were not accepted in the main iptables package.

Xtables-addons is different from patch-o-matic in that you do not have to patch or recompile either kernel or Xtables(iptables).

http://jengelh.medozas.de/projects/xtables/

Thanks

Skis's picture

Wonderful ! thank you for this great post ! it really shows the power of iptables ! and this is juste a sample :)

Geek Guide
The DevOps Toolbox

Tools and Technologies for Scale and Reliability
by Linux Journal Editor Bill Childers

Get your free copy today

Sponsored by IBM

Webcast
8 Signs You're Beyond Cron

Scheduling Crontabs With an Enterprise Scheduler
On Demand
Moderated by Linux Journal Contributor Mike Diehl

Sign up now

Sponsored by Skybot