1
00:00:00,000 --> 00:00:11,320
To understand firewalling in Linux, you need to know that it all is implemented in the

2
00:00:11,320 --> 00:00:12,820
kernel.

3
00:00:12,820 --> 00:00:18,360
In the kernel, we have a framework, and this framework is called Netfilter.

4
00:00:18,360 --> 00:00:22,600
And Netfilter is providing three different interfaces.

5
00:00:22,600 --> 00:00:26,600
The most important interfaces are the different chains.

6
00:00:26,600 --> 00:00:33,439
So the chains are input for incoming packages, we have forward, which is going to be if this

7
00:00:33,439 --> 00:00:39,520
system is a router, and we have output, which is going to filter outgoing traffic.

8
00:00:39,520 --> 00:00:42,360
Now what are you going to do to manage your firewall?

9
00:00:42,360 --> 00:00:46,240
Well, you need to get them into Netfilter in some way.

10
00:00:46,240 --> 00:00:49,060
And there are different solutions in order to do so.

11
00:00:49,060 --> 00:00:58,540
In the old days, it was iptables; nowadays, nft, the Netfilter tables, is the default.

12
00:00:58,540 --> 00:01:05,220
And using iptables or nft, you write rules into your input chain, or you write rules

13
00:01:05,220 --> 00:01:06,860
into your output chain.

14
00:01:06,860 --> 00:01:11,860
And these are always processed for every single packet that comes into your system.

15
00:01:11,860 --> 00:01:17,699
Now iptables and nftables are a little bit complex, and that is why there are also front-end

16
00:01:17,699 --> 00:01:19,099
utilities.

17
00:01:19,099 --> 00:01:24,800
And these front-end utilities are firewalld and ufw.

18
00:01:24,800 --> 00:01:28,300
These write either to iptables or nftables.

19
00:01:28,300 --> 00:01:32,940
And the result is that you get your rules into the input chain or in the output chain

20
00:01:32,940 --> 00:01:36,379
to process the incoming and outgoing packets.

21
00:01:36,379 --> 00:01:39,180
In the next couple of videos, you'll learn how to work with these tools.

