Abstract
- Configuration files in Linux that act as gatekeepers with rules that control where data can flow
- Contains pattern-matching rules (regex, IP range and keywords) and actions (ACCEPT, DROP, LOG)
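
How a rule set of this kind is evaluated, as an added example (not code from these notes or from any tool named in them). The rule set, the sample events, the top-to-bottom first-match order and the default-deny policy are assumptions modelled on Netfilter-style chains; LOG is treated as non-terminating, as the Netfilter LOG target is.

```python
import ipaddress
import re

# Constructed rule set (not from any real system). Each rule carries one
# matcher (IP range, regex or keyword) and an action.
RULES = [
    {"ip_range": "10.0.0.0/8", "action": "ACCEPT"},
    {"regex": r"Failed password for (invalid user )?\w+", "action": "LOG"},
    {"keyword": "DROP TABLE", "action": "DROP"},
    {"ip_range": "203.0.113.0/24", "action": "DROP"},
]
DEFAULT_POLICY = "DROP"  # assumption: default-deny when nothing matches


def matches(rule, src_ip, payload):
    """Return True if the rule's single matcher applies to this event."""
    if "ip_range" in rule:
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule["ip_range"])
    if "regex" in rule:
        return re.search(rule["regex"], payload) is not None
    if "keyword" in rule:
        return rule["keyword"].lower() in payload.lower()
    return False


def evaluate(src_ip, payload, rules=RULES, default=DEFAULT_POLICY):
    """Walk rules top to bottom; return (verdict, indexes of LOG rules hit).

    ACCEPT and DROP end evaluation at the first match. LOG records the match
    and keeps going, so a later rule or the default policy gives the verdict.
    """
    logged = []
    for index, rule in enumerate(rules):
        if not matches(rule, src_ip, payload):
            continue
        if rule["action"] == "LOG":
            logged.append(index)
            continue
        return rule["action"], logged
    return default, logged


if __name__ == "__main__":
    # Constructed sample events: (source IP, payload text)
    for event in [("10.1.2.3", "GET /index.html"),
                  ("198.51.100.7", "Failed password for root"),
                  ("203.0.113.9", "hello")]:
        print(event, "->", evaluate(*event))
```

Rule order matters here: a failed login from 10.0.0.0/8 is accepted by the first rule and never reaches the LOG rule, so logging rules that should see all traffic belong above the terminating ones.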
4 Types
Network filters:
- Block/allow IP Address or Network Port
- Example: Netfilter and firewall configs
Log filters:
- Process log entries by severity, source or content
- Example: fail2ban and rsyslog.conf
Access filters:
- Control user/service permissions
- Example: hosts.allow/deny, sudoers
Content filters:
- Process data streams or files
- Example: web server rules, email filters