Abstract
Chapter 8 discusses the IPv6 subsystem implementation. This chapter discusses the netfilter subsystem. The netfilter framework was started in 1998 by Rusty Russell, one of the most widely known Linux kernel developers, as an improvement of the older implementations of ipchains (Linux 2.2.x) and ipfwadm (Linux 2.0.x). The netfilter subsystem provides a framework that enables registering callbacks in various points (netfilter hooks) in the packet traversal in the network stack and performing various operations on packets, such as changing addresses or ports, dropping packets, logging, and more. These netfilter hooks provide the infrastructure to netfilter kernel modules that register callbacks in order to perform various tasks of the netfilter subsystem.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2014 Rami Rosen
About this chapter
Cite this chapter
Rosen, R. (2014). Netfilter. In: Linux Kernel Networking. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4302-6197-1_9
Download citation
DOI: https://doi.org/10.1007/978-1-4302-6197-1_9
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4302-6196-4
Online ISBN: 978-1-4302-6197-1
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books