Tuesday, September 29, 2015

IPTABLES & FIREWALL - 1

IPTABLES / FIREWALL INTERVIEW QUESTIONS AND ANSWERS

PAGE - 1


1..What is a firewall?

A firewall is a hardened and trusted host that acts as a choke point among a group of networks. All network traffic among the affected networks is routed through the firewall. The firewall host is configured with a set of rules that determine which network traffic will be allowed to pass and which will be blocked or refused.

2..What is iptables?

Iptables is a generic table structure that defines rules and commands as part of the Netfilter framework, which facilitates Network Address Translation (NAT), packet filtering, and packet mangling in the Linux kernel.

3..What is the meaning of Netfilter?

The Linux kernel's network packet processing subsystem is called Netfilter.

4..What are the contents of iptables?

iptables comes with three built-in tables: filter, mangle, and nat.

5..Explain packet flow.

Packets traverse chains and are presented to the chain's rules one at a time, in order. If the packet does not match a rule's criteria, the packet moves on to the next rule in the chain.

6..What do you mean by NAT?

NAT is the modification of the addresses and/or ports of network packets as they pass through a computer. The computer performing NAT on the packets could be the source or destination of the packets, or it could be one of the computers on the route between the source and destination.

7..What is the difference between iptables and Netfilter?

There may be some confusion about the difference between Netfilter and iptables. Netfilter is an infrastructure; it is the basic API that the Linux kernel offers for applications that want to view and manipulate network packets. Iptables is an interface that uses Netfilter to classify and act on packets.

Although the Netfilter infrastructure is incredibly extensible, right now there are only four modules built on top of it: the ipchains and ipfwadm backward-compatibility modules (to allow older scripts to work with newer kernels, but without newer features), the iptables system

8..What is the difference between iptables and ipchains?

Both ipchains and iptables use chains of rules that operate within the Linux kernel to filter packets based on matches with specified rules or rule sets. However, iptables offers a more extensible way of filtering packets, giving the administrator greater control without building undue complexity into the system.

9..What is the difference between iptables and TCP wrappers?

TCP wrappers is implemented in user space on Linux, can be used only with xinetd-based services, and works at the application layer, whereas iptables is implemented in kernel space and works at the internet layer, which of course can be extended to other layers by using various modules.

TCP wrappers depends on the libwrap.so library. With iptables you can restrict access to any port, protocol, or service, whereas TCP wrappers can only be used with selected applications.

10..What can you do with netfilter / iptables?

A..Build internet firewalls based on stateless and stateful packet filtering
B..Deploy highly available stateless and stateful firewall clusters
C..Use NAT and masquerading for sharing internet access if you don't have enough public IP addresses
D..Use NAT to implement transparent proxies
E..Aid the tc and iproute2 systems used to build sophisticated QoS and policy routers
F..Do further packet manipulation (mangling) like altering the TOS/DSCP/ECN bits of the IP header
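The first-match chain traversal of Q5 and the stateful filtering of item A in Q10, modelled as an added Python example (not code from the original post). The Packet and Rule classes, the addresses and the rule sets are constructed for illustration and cover only a few of iptables' match options.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    proto: str                   # "tcp", "udp" or "icmp"
    src: str                     # source address (exact match only in this model)
    dport: Optional[int] = None  # destination port
    state: str = "NEW"           # conntrack state: NEW, ESTABLISHED, RELATED, INVALID

@dataclass
class Rule:
    target: str                  # verdict if the rule matches: "ACCEPT" or "DROP"
    proto: Optional[str] = None  # like -p
    src: Optional[str] = None    # like -s (a single address here)
    dport: Optional[int] = None  # like --dport
    states: tuple = ()           # like -m state --state A,B; empty means any state

    def matches(self, pkt: Packet) -> bool:
        # Every criterion that is set must hold; unset criteria match anything.
        return ((self.proto is None or self.proto == pkt.proto)
                and (self.src is None or self.src == pkt.src)
                and (self.dport is None or self.dport == pkt.dport)
                and (not self.states or pkt.state in self.states))

def traverse(rules: list, policy: str, pkt: Packet) -> str:
    """Walk the chain in order: the first matching rule decides, else the policy."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.target
    return policy

# A typical stateful INPUT chain (constructed): replies first, then new SSH from one admin host.
STATEFUL_INPUT = [
    Rule("ACCEPT", states=("ESTABLISHED", "RELATED")),
    Rule("ACCEPT", proto="tcp", src="10.0.0.5", dport=22, states=("NEW",)),
]

# The same rules with a catch-all DROP placed first: it shadows everything after it.
SHADOWED_INPUT = [Rule("DROP")] + STATEFUL_INPUT

def input_verdict(pkt: Packet, rules=STATEFUL_INPUT, policy: str = "DROP") -> str:
    return traverse(rules, policy, pkt)

if __name__ == "__main__":
    ssh_new = Packet("tcp", "10.0.0.5", 22)
    print(input_verdict(ssh_new))                                        # ACCEPT
    print(input_verdict(Packet("tcp", "10.0.0.9", 22)))                  # DROP (chain policy)
    print(input_verdict(Packet("tcp", "10.0.0.9", 443, "ESTABLISHED")))  # ACCEPT (reply traffic)
    print(input_verdict(ssh_new, SHADOWED_INPUT))                        # DROP (rule order)
```

Listing the real chain with `iptables -L INPUT -n --line-numbers` shows the same ordering that decides these verdicts.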
