Linux firewall concept

1) A firewall is mainly used in enterprises to intercept and filter data packets in transit and to
take an action on packets that match given conditions, either blocking the traffic or allowing it
through. Firewalls are divided into the following two types:
 - hardware firewalls (Cisco, Huawei, Hillstone)
 - software firewalls (iptables, firewalld)
2) iptables is a software firewall based on packet filtering that comes with Linux systems. It
works mainly at layers two, three and four of the seven-layer OSI model (data link layer, network
layer, transport layer).
3) iptables is configured through tables and rules: what it produces is filtering rules, and the
rules are stored in tables, which are held in the Linux kernel. The firewall is usually called
Netfilter/iptables, but Netfilter and iptables are in fact different concepts.
4) Netfilter is a Linux kernel module and belongs to kernel space. It is integrated into the Linux
kernel and is in place once the default system installation completes. It mainly stores the
data-filtering tables, and the filtering rules are stored in those tables.
5) iptables is Linux software that belongs to user space. It is integrated into the Linux operating
system and is in place once the default system installation completes. It mainly manages the
underlying Netfilter module, making it convenient to manage the filtering tables and rules that
Netfilter holds.

Origin blog.51cto.com/jiangzm/2474996