Linux Firewalls (3rd Edition) (Novell Press)

by Steve Suehring

Members: 25 | Reviews: 1 | Popularity: 428,870 | Average rating: (3.83) | Conversations: None




Linux Firewalls provides a good introduction to packet filtering and netfilter/iptables. The book's first chapter quickly covers the aspects of TCP/IP that are most relevant for someone implementing a packet filtering firewall. The fundamentals of how a packet filter and netfilter work come next. I consider these first chapters to be the strongest part of the book; they are well structured, clear and to the point.

The book then follows with an example for a simple home firewall, discusses rule optimization and gives some more advanced scenarios for a gateway, with several possibilities for how to organize a DMZ, while covering packet forwarding. These chapters are generally good but not as good as the first ones. There's a chapter on NAT that I thought was very good. Understanding when the source and destination addresses get changed and how this relates to the other chains can be tricky and the book really nails it. The final chapter directly related to firewalls, about debugging, is a mixed bag. I found it unnecessarily extensive, going on and on about basic and obvious things, such as explaining how to read a listing of the firewall rules.

The last chapters are related to other security technologies such as intrusion detection, monitoring, filesystem integrity and kernel enhancements. While some parts of it do provide useful information, they feel like rushed filler material, especially considering that more advanced iptables-related topics are neglected. As an example, in the last chapter the author says that first he will present a recipe-style introduction to Grsec and then explain some features in more depth. The more in-depth explanations are nowhere to be seen, however. There are a couple more places where similar glitches are found.

Two important things related to packet filtering and iptables are missing in the book. There's no coverage of advanced logging. The ULOG target is just mentioned and a tool like syslog-ng that would allow you to use the LOG target and still filter logging into different files is not even mentioned. More importantly, connection state tracking, the part that allows netfilter to call itself a stateful firewall, doesn't have adequate coverage. The author says that even using a stateful firewall, rules that cover the case of the state tables getting full are still needed. I disagree with this, especially in the case of a dedicated firewall machine, where you have a lot of memory to spare and can allocate a lot of it for state tracking. Keeping a simple ruleset is extremely important and being able to rely on state tracking really helps in achieving that. How the state tracking works is superficially explained. Things such as seeing how many entries are being used or its internal state are missing. I don't know if this is because at the time the book was written there was less kernel support to get to this sort of information or if the author just missed them, but I consider them important nonetheless. If they were not an option when the book was written then it should at least be mentioned that such things are not possible. I had to do some mailing list research to figure out how to get to them. The book suffers from a problem that afflicts so many technical books - it wants to be everything to everyone.

However, I don't know of a better book related to netfilter and would recommend this one to someone that wants to learn more about it. I think it should be complemented with the "iptables tutorial" by Oskar Andreasson and with some research looking at example scripts that can be found online and reading mailing lists.
  miguel.lourenco | Apr 29, 2007 |

Amazon.com Review (ISBN 0672327716, Paperback)

TCP/IP packet handling may seem crystal clear when you first hear about it, but after you've configured your Ethernet card's netmask address, the details become rather vague. You might find yourself asking--if you were a Danish prince--"What is a packet, if its chief good and market of its time be but to route and wrap?" If routing and wrapping were all packets did, we would all enjoy our ignorance blissfully. But packets--like men, as the prince learned--can be hollow carriers of ill will, and excluding the bad ones requires us to understand what they really truly are. At last.

Just how interesting packets turn out to be is revealed in Linux Firewalls, Robert L. Zeigler's sober, agile, and subtle text. Narrowing consideration to threats faced by small networks from external sources, Zeigler and his editors introduce security by delivering prerequisite tutorials on packet architecture and normal network-based client/server daemon-to-daemon communications. Nonthreatening daemon-to-daemon communication is part of the regular operation of a networked POSIX-compliant operating system (like Linux or Windows NT), but the incessant background chatter makes finding hostile intrusions a search for sometimes subtle irregularities in a high throughput environment.

In fact, bombardment of networks with useless packets can create diversions for more pernicious attacks. Distinguishing the good packets from the potentially hostile or merely useless packets requires levels of filtering criteria that depend on the specifics of the network environment. Zeigler sorts out all of these issues and outlines practical network administration strategies for packet filtering.

Linux Firewalls is a how-to for the home Linux box, including creating and debugging firewall rules for home LANs and network interfaces. For larger LAN users, Zeigler describes intrusion logging; configurations based on varying levels of trust; and the how, why, and when of reporting intrusions to network authorities.

In the wrong hands, firewall reports are either hyped-up cloak-and-dagger sensationalism or monotonous treatises in bitwise accounting. Zeigler strikes a middle ground with a book fit for members of the Linux community who are curious about what is happening over their TCP/IP connections. These are folks who have the prowess to build kernel releases on their own but who aren't necessarily wonks at developing kernel or device driver sources. --Peter Leopold

(retrieved from Amazon Thu, 12 Mar 2015 18:19:36 -0400)

"The Definitive Guide to Setting up and Configuring Linux Firewalls Linux Firewalls, Third Edition continues in the footsteps of its best-selling predecessors by providing an authoritative and thoroughly updated summary of how to implement a Netfilter/iptables firewall in Linux. Geared toward installations of all sizes, and written for individual users, system administrators, consultants, IT staff, and others who implement and support Linux systems, this book is distribution neutral, and includes examples from Linux kernel versions 2.4 and 2.6 in the SUSE, LINUX, Debian, and Red Hat distributions."--BOOK JACKET.
