Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| inbox:firewall:overview [2018/09/16 12:09] – ↷ Page moved from inbox:firewall:firewall3:overview to inbox:firewall:overview bobafetthotmail | docs:guide-user:firewall:overview [2021/08/02 19:59] – formatting vgaetera | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== | + | ====== |
| - | Firewall3 | + | OpenWrt uses the firewall3 |
| - | in user-space to parse a configuration file into a set of '' | + | It runs in user-space to parse a configuration file into a set of '' |
| - | sending each to the kernel netfilter modules. | + | |
| - | ===== fw3 Purpose | + | ===== fw3 purpose |
| The netfilter rule set can be very complex for a typical router. | The netfilter rule set can be very complex for a typical router. | ||
| necessity; each rule is tailored to a discrete capability provided by the router | necessity; each rule is tailored to a discrete capability provided by the router | ||
| to protect its supported networks, provide | to protect its supported networks, provide | ||
| - | [[inbox: | + | [[docs: |
| addresses, even '' | addresses, even '' | ||
| over 100 rules designed to support packet routing. | over 100 rules designed to support packet routing. | ||
| Line 34: | Line 33: | ||
| capability or **blocks** malicious capability, and therefore necessary. | capability or **blocks** malicious capability, and therefore necessary. | ||
| - | ===== fw3 Description | + | ===== fw3 description |
| fw3 is a user-space application similar in nature to the | fw3 is a user-space application similar in nature to the | ||
| [[https:// | [[https:// | ||
| Line 47: | Line 46: | ||
| | | ||
| ===== fw3 process control ===== | ===== fw3 process control ===== | ||
| - | The fw3 application uses the procd subsystem to for management. | + | '' |
| - | interface | + | |
| set of arguments: | set of arguments: | ||
| Line 54: | Line 52: | ||
| * '' | * '' | ||
| * '' | * '' | ||
| - | * '' | + | * '' |
| - | | + | * '' |
| + | |||
| + | Behind the scenes, ''/ | ||
| :!: When invoking '' | :!: When invoking '' | ||
| - | Those rules automatically generated by '' | + | Those rules automatically generated by '' |
| - | and the default policy is set to '' | + | |
| - | and through | + | :!: If **all** |
| - | router would provide no security. | + | |
| + | In cases where the router becomes inaccessible due to '' | ||
| + | |||
| + | * Connecting via [[docs: | ||
| + | * Performing a [[docs: | ||
| + | |||
| + | ===== fw3 references ===== | ||
| + | Source Code on GitHub: [[https:// | ||