Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort

Chapter 8. Debugging the Firewall Rules

So now the firewall is set up, installed, and activated. But nothing works! You're locked out. Who knows what's going on? Now what? Where do you even begin?

Firewall rules are notoriously difficult to get right. If you're developing by hand, bugs will invariably crop up. Even if you produce a firewall script with an automatic firewall-generation tool, your script undoubtedly will require customized tweaking eventually.

This chapter introduces additional reporting features of the iptables tool and other system tools. The information is invaluable when debugging your firewall rules. This chapter explains what the information can tell you about your firewall. The tools are crude. The process is tedious. Be forewarned.

For additional information on iptables reporting features, see the iptables man page and the "Linux 2.4 Packet Filtering HOWTO," by Rusty Russell.
