linux_firewall_design_part_1

W’s of Linux Firewall

What is a Firewall?

I personally have never heard or spoken of a firewall in a non-computing context, but it seems the term refers to a physical wall that isolates one side from the other, especially when one side is prone to fire accidents (read: attacks) and the other side is particularly sensitive and needs protection against catching fire.

Drawing parallels to the computing world,
Sensitive side –> Your private network, LAN (Home or Enterprise).
Exposed side –> The Internet, WAN, could be another LAN.
Fire –> Unauthorised access, DDoS, SQL injection, etc. Basically anything that breaks the CIA triad.
Firewall –> A digital solution that helps isolate the private LAN from the public WAN or another LAN, with a view to providing security.

Great! That’s a great analogy, let me pat myself on the back before we move forward. Slow claps. Thank you.

Now, firewalls (the computing ones) provide other functionality apart from security, namely routing, mangling and bypassing. This is the case because the implementations of the routing and filtering (security) requirements overlap. If I were to overfit the above analogy, I’d say that the physical firewalls double up as barricades to redirect people or vehicular traffic to some other places. Go ahead, roll your eyes.

So, the Linux Firewall in particular is a software solution that inspects data traffic across networks and makes decisions on whether to filter, modify or route the incoming or outgoing data. In hindsight, it looks like customs and border control is a better analogy for the firewall. But hey, I didn’t choose the name.

Where are the firewalls?

Firewalls are typically run at the gateways, the nodes that interface between two or more networks, sometimes referred to as CPEs. It makes logical sense that the first checkpoint for traffic is at the outermost edge of the network.

When to and why use the firewalls?

I would argue that at least a basic configuration should always be run, no matter what. You can’t be too careful. Ever :)

How to Firewall?

A bird’s-eye view of how the firewall can be used has been presented here. In the following posts, we shall try to look at the internal design of the Linux firewall subsystem, namely netfilter.

Written on January 8, 2022