D

The document outlines the process of handling incoming network packets using Netfilter and iptables NFQUEUE. It details how packets are sent to a firewall program, where their information is extracted and compared against firewall rules to determine whether to block or allow them. Based on the comparison, packets are either dropped with a 'BLOCK' message or forwarded to their destination with an 'ALLOW' message.

Uploaded by

ispande.ekta23

         +------------------------------+
         |   Incoming Network Packet    |
         +------------------------------+
                        |
                        ▼
         +------------------------------+
         | Netfilter (iptables NFQUEUE) |
         +------------------------------+
                        |
                        ▼
         +------------------------------+
         |   NFQUEUE Sends Packet to    |
         |  Firewall Program (C Code)   |
         +------------------------------+
                        |
                        ▼
         +------------------------------+
         |  Extract Packet Information  |
         |     (IP, Port, Protocol)     |
         +------------------------------+
                        |
                        ▼
         +------------------------------+
         |   Compare Against Firewall   |
         |         Rules (Loop)         |
         +------------------------------+
                        |
           +------------+------------+
           |                         |
           ▼                         ▼
+----------------------+  +----------------------+
| Rule Matches (Block) |  |  Rule Doesn't Match  |
|      -> NF_DROP      |  |     -> NF_ACCEPT     |
+----------------------+  +----------------------+
           |                         |
           ▼                         ▼
+----------------------+  +----------------------+
| Drop Packet (BLOCK)  |  | Allow Packet (PASS)  |
|  Print "BLOCK" Msg   |  |  Print "ALLOW" Msg   |
+----------------------+  +----------------------+
                                     |
                                     ▼
                     +------------------------------+
                     |      Forward Packet to       |
                     |   Destination (if ALLOWED)   |
                     +------------------------------+
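
The "Extract Packet Information" and "Compare Against Firewall Rules (Loop)" boxes, written out as an added C example; it is not code from the original document. The rule layout, function names and sample packet are assumptions, and the verdict constants reuse the numeric values of NF_DROP and NF_ACCEPT so the result can be handed back to NFQUEUE as the verdict.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum { VERDICT_DROP = 0, VERDICT_ACCEPT = 1 };  /* values of NF_DROP / NF_ACCEPT */
/* Hypothetical layout used for both rules and packets; a zero rule field is a wildcard. */
struct fw_tuple { uint32_t src_ip; uint16_t dst_port; uint8_t proto; };

/* Extract step: p points at the IPv4 header, as an NFQUEUE payload does.
   Returns 0 on success, -1 if the packet is truncated or not IPv4. */
static int extract_info(const uint8_t *p, size_t len, struct fw_tuple *out)
{
    if (len < 20 || (p[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;          /* header length varies with options */
    if (ihl < 20 || ihl > len) return -1;
    unsigned frag_off = ((p[6] & 0x1fu) << 8) | p[7];
    out->proto = p[9];
    out->src_ip = (uint32_t)p[12] << 24 | (uint32_t)p[13] << 16 | (uint32_t)p[14] << 8 | p[15];
    out->dst_port = 0;                               /* stays 0 for ICMP and later fragments */
    if ((out->proto == 6 || out->proto == 17) && frag_off == 0) {   /* TCP or UDP */
        if (len < ihl + 4) return -1;
        out->dst_port = (uint16_t)((p[ihl + 2] << 8) | p[ihl + 3]);
    }
    return 0;
}

/* Compare step: loop over the block rules; first match drops, no match accepts.
   Assumption: a packet that cannot be parsed is dropped rather than passed. */
static int decide(const uint8_t *p, size_t len, const struct fw_tuple *r, size_t n)
{
    struct fw_tuple pk;
    if (extract_info(p, len, &pk) != 0) { puts("BLOCK (malformed)"); return VERDICT_DROP; }
    for (size_t i = 0; i < n; i++)
        if ((r[i].src_ip == 0 || r[i].src_ip == pk.src_ip) &&
            (r[i].dst_port == 0 || r[i].dst_port == pk.dst_port) &&
            (r[i].proto == 0 || r[i].proto == pk.proto)) { puts("BLOCK"); return VERDICT_DROP; }
    puts("ALLOW");
    return VERDICT_ACCEPT;
}

/* Constructed sample data: block TCP/23 from anyone and everything from 203.0.113.9. */
static const struct fw_tuple RULES[] = { {0, 23, 6}, {0xCB007109u, 0, 0} };
static const uint8_t TELNET[24] = { 0x45,0,0,24, 0,0,0,0, 64,6,0,0, 192,0,2,1, 192,0,2,2,
                                    0xC0,0x00, 0,23 };   /* 192.0.2.1 -> 192.0.2.2 tcp/23 */

int main(void)
{
    return decide(TELNET, sizeof TELNET, RULES, 2) == VERDICT_DROP ? 0 : 1;
}
```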
