David Rudder wrote the original version of this Firewall-HOWTO, these many moons ago, and I'd still like to thank him for allowing me to update his work.
I'd also like to thank Ian Gough for kindly assisting this dyslexic writer.
Firewalls have gained great popularity as the ultimate in Internet Security. Like most hot subjects, they are also often misunderstood. This HOWTO will go over the basics of what a firewall is and how to set one up.
I am using kernel 2.2.13 and RedHat 6.1 to develop this howto so the examples here are based on this distribution. If you find differences in your distribution, please email me and I'll update this howto.
Any feedback is very welcome. PLEASE REPORT ANY INACCURACIES IN THIS PAPER!!! I am human, and prone to making mistakes. If you find a fix for anything please send it to me. I will try to answer all e-mail, but I am busy, so don't get insulted if I don't.
My email address is
I AM NOT RESPONSIBLE FOR ANY DAMAGES INCURRED DUE TO ACTIONS TAKEN BASED ON THIS DOCUMENT. This document is meant as an introduction to how firewalls and proxy servers work. I am not, nor do I pretend to be, a security expert. ;-) I am just some guy who has read too much and likes computers more than most people. Please, I am writing this to help people get acquainted with this subject, and I am not ready to stake my life on the accuracy of what is in here.
Unless otherwise stated, Linux HOWTO documents are copyrighted by their respective authors. Linux HOWTO documents may be reproduced and distributed in whole or in part, in any medium physical or electronic, as long as this copyright notice is retained on all copies. Commercial redistribution is allowed and encouraged; however, the author would like to be notified of any such distributions.
All translations, derivative works, or aggregate works incorporating any Linux HOWTO documents must be covered under this copyright notice. That is, you may not produce a derivative work from a HOWTO and impose additional restrictions on its distribution. Exceptions to these rules may be granted under certain conditions; please contact the Linux HOWTO coordinator.
In short, we wish to promote dissemination of this information through as many channels as possible. However, we do wish to retain copyright on the HOWTO documents, and would like to be notified of any plans to redistribute the HOWTOs.
If you have any questions, please email me. (See above.)
Several years ago, while working for the State of Oklahoma as their "Internet Administrator", I was asked to "put the State on the Internet", with no budget. (Note: There was no such title at the time. I was just the guy doing all the work.) The best way to make this happen was to use as much free software and junk hardware as I could. Linux and a bunch of old 486s were all I had to work with.
Commercial firewalls are VERY overpriced and the documentation on how they work is considered almost top secret. I found creating a firewall of my own was almost impossible.
At my next job, I was asked to put in a firewall. Linux had just added firewall code. So again with no budget I started building a firewall with Linux. Six months later my firewall was in place and this document was updated.
[ More URLS go here ]