In this lesson, I'll talk about firewall basics. I'm going to show you three different kinds of firewalls and the basics that each one of them has. In the next video, I'll show a larger firewall which has many more features, and we can get larger features out of some of the simpler firewalls. However, most firewalls operate in the same way. They look at the source, they look at the destination, and they look at the port that needs to be let out or let in.

So let's look at a Linux firewall real quick. I'm going to type in iptables -S (capital S). iptables is the kernel module for Linux that allows us to configure the firewall. If we look here, I have several different policies. I have an INPUT policy, which by default is dropping anything incoming other than what we ACCEPT, and we'll talk about that in a second. We have a FORWARD policy that's set to ACCEPT. We have an OUTPUT policy, which means that anything can be initiated on the server and go out.

In Linux, we have several different options. The -A is just adding to the INPUT rule here, or appending to the INPUT policy. Let's look at this rule real quick. It says -A INPUT -s 127.0.0.1/32 -j ACCEPT. Let's look at that for a minute. The -A, as I said already, means we're adding this, or appending it, to the INPUT policy. The -s means source. So the source is 127.0.0.1/32, and if you understand networking, the /32 just means one IP address. That's the only IP address that's let through. The -j means we're going to jump to the ACCEPT policy, and that's a policy that's built in, and we can configure other policies. But we're going to accept that traffic.

If we scroll down to some of the other policies, let's look at a few here. Let's take this one, for example. It says -A INPUT -s 224.0.0.0/4 -i, which is the interface, bond0, which is our interface that we called the bond, and the -j here is DROP.
We're going to jump to the DROP rule. If we scroll down even further, we start to get into what we really want to understand. Let's pick on this policy right here: the interface is bond0, and -p means protocol. The protocol is udp, and my destination port is going to be 9993. And we're going to jump to ACCEPT. So what this rule is doing is, anything that is coming in to port 9993 is accepted.

Let's jump over to Windows Firewall real quick. The Windows Firewall is configured in almost exactly the same way, although we have a GUI for this. Now, if you have a GUI on your Linux system, there are ways to put a GUI-based firewall on it, but it is another package that you're going to have to download and manage. On Windows, we can configure almost the same amount of material. If we go to Inbound Rules, we'll scroll through some of these here. Let's pick on iTunes, for example. For iTunes, the profile, just like we have a policy on the Linux system, is going to be All. Enabled is going to be Yes, Action is going to be Allow, and within Windows we have slightly more advanced features: it's actually going to list here, as you can see, the program file, C:\Program Files\iTunes\iTunes.exe. So what that's doing is just allowing that application to go out and access iTunes.

We can also create our own rules for Windows, and that is here. We'll just say we want to open a port, so it's going to be TCP, which is a connection-based protocol, or UDP, which is a connectionless protocol. I'm going to select Next. We'll just say TCP, and let's do the same rule that I had on my Linux system, so 9993. We're going to allow the connection, we're going to press Next, and we have different policies here. Our Domain policy only allows domain computers to access that rule.
Our Private only means the ones in networks that we've trusted. Now, not all domain connections are trusted. But then we also have our Public, which allows anybody to access it. So we'll just press Next and we'll call this Logging. We'll just say Finish, and that's really about it. That's the simplest form of a firewall: the source, the destination, and the port or the protocol.

So let's look at one more firewall here. This is actually a physical firewall that we have on campus. This is one of the smaller firewalls that we operate, and it's used for a very specific purpose. I've clicked the New Policy tab. We can select the interface that traffic comes in and out of. We can select the source address and the destination address, and the service. Now, the service we've defined already in our Service tab. HTTP, for example, covers both 80 and 8080. HTTPS would cover things like 443, because 443 is the port that the HTTPS protocol runs on. The action is again ACCEPT, and we can either ACCEPT or DENY. Now on Linux, this would be called drop. As for some of the other advanced features that we have, we could turn on Antivirus or Application Control, but we'll talk about that in the next video.

What I wanted you to get out of this lesson is that the basic firewall rules, or the basic firewall commands, stipulate the source, the destination, the port and the protocol as the configuration items that we need to manage a firewall effectively. That's the basis of any firewall. In the next video, we will talk about advanced firewalls, which go into much deeper detail of how we can control processes as a whole.
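
As an added example (not part of the original lesson), the Python sketch below reads iptables -S style output, splits each rule into the source, interface, protocol, destination port and target fields discussed above, and then decides a packet's fate the way the INPUT chain does: first matching rule wins, otherwise the default policy applies. The ruleset and packet are constructed samples, only the flags listed in FLAGS are interpreted, and only the ACCEPT and DROP targets are handled.

```python
import ipaddress
import shlex

# Constructed sample of `iptables -S` output, modelled on the rules read out in the lesson.
SAMPLE = """\
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -s 224.0.0.0/4 -i bond0 -j DROP
-A INPUT -i bond0 -p udp -m udp --dport 9993 -j ACCEPT
"""

# Assumption: only these flags are interpreted and each takes exactly one value (no "!" negation).
FLAGS = {"-s": "src", "-d": "dst", "-i": "iface", "-p": "proto", "--dport": "dport", "-j": "target"}

def parse(text):
    """Split `iptables -S` text into default policies and ordered rules per chain."""
    policies, chains = {}, {}
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:1] == ["-P"]:
            policies[tok[1]] = tok[2]
        elif tok[:1] == ["-A"]:
            pairs = zip(tok[2::2], tok[3::2])
            rule = {FLAGS[f]: v for f, v in pairs if f in FLAGS}
            chains.setdefault(tok[1], []).append(rule)
    return policies, chains

def matches(rule, pkt):
    """A rule matches only if every field it specifies agrees with the packet."""
    for key in ("src", "dst"):
        if key in rule and ipaddress.ip_address(pkt[key]) not in ipaddress.ip_network(rule[key]):
            return False
    for key in ("iface", "proto"):
        if key in rule and rule[key] != pkt[key]:
            return False
    return "dport" not in rule or int(rule["dport"]) == pkt["dport"]

def verdict(text, chain, pkt):
    """First matching rule decides; if none matches, the chain's -P policy applies."""
    policies, chains = parse(text)
    for rule in chains.get(chain, []):
        if matches(rule, pkt):
            return rule["target"]
    return policies[chain]

if __name__ == "__main__":
    pkt = {"src": "203.0.113.7", "dst": "192.0.2.10", "iface": "bond0", "proto": "udp", "dport": 9993}
    print(verdict(SAMPLE, "INPUT", pkt))  # constructed packet, documentation addresses
```

Changing the packet's protocol to tcp, or its source to a 224.0.0.0/4 address, flips the result to DROP: the first through the default INPUT policy, the second because the multicast DROP rule sits ahead of the port 9993 ACCEPT rule.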