Der Paketfilter bei OpenWrt
Der Paketfilter bei OpenWrt
Über das Buch
OpenWrt bietet sich als alternatives Betriebssystem an für SOHO-Router, die nicht mehr oder zu selten aktualisiert werden. Aufgrund seiner Modularität eignet es sich auch für andere Projekte mit der unterstützten Hardware. Somit sind die Hürden, einen Router mit OpenWrt zu betreiben, sehr gering.
Dabei sollte nicht außer Acht gelassen werden, dass mit einem schlecht gewarteten Router sehr leicht beinahe jeder Zugriff auf die angeschlossenen Netzwerke und die darin enthaltenen Geräte erlangen kann.
Hier kann man mit dem in OpenWrt enthaltenen Paketfilter regulierend eingreifen.Wenn man die nötigen Kenntnisse besitzt.
Das ist das zentrale Thema des Buches: es will die nötigen Kenntnisse zum verantwortungsvollen Betrieb einer Paketfilter-Firewall, speziell mit Linux und insbesondere bei OpenWrt vermitteln. Dementsprechend sind die Schwerpunkte des Buches:
- grundlegende Kenntnisse über IP-Netzwerke für den Betrieb einer Paketfilter-Firewall,
- die Wirkungsweise des Netfilter-Systems bei Linux und
- die Konfiguration von Netfilter bei OpenWrt.
Ergänzt wird das Buch durch einige Kapitel, die sich speziellen praktischen Fragen rund um den Betrieb einer Paketfilter-Firewall mit OpenWrt widmen.
Inhaltsverzeichnis
-
- Vorwort
-
Allgemeine Fragen
- Was ist OpenWrt?
- Was kann ich damit machen?
- Möglichkeiten und Grenzen
- Alternativen zum OpenWrt-Paketfilter
-
Grundlagen Netzwerkprotokolle
- Aufgaben eines Paketfilters
- Um welche Protokolle geht es?
- IPv4 für den Firewall-Administrator
- IPv6 für den Firewall-Administrator
- Gleichzeitiger Betrieb von IPv4 und IPv6
- ICMP und IGMP
- ICMPv6 für den Firewall-Administrator
- Network Address Translation
-
Grundlagen OpenWrt Paketfilter
- Netfilter: Kernel-Komponenten
- Netfilter: Benutzerprogramme
- Besonderheiten des Linux-Kernels
- Ein Modell der Firewall-Regeln bei OpenWrt
- Die Webschnittstelle LuCI
- Die zentrale Konfigurationsschnittstelle UCI
-
Praktische Fragen
- Wie ermittle ich meine persönlichen Anforderungen?
- Auswahl von Hardware und Software
- Härten des Systems
- Testen der Firewall
- Monitoring
- Kann ich Paketfilter umgehen?
- Wo platziere ich ein Tunnel-Gateway?
- Wie dokumentiere ich das System?
- Zusätzliche Software
- System aktualisieren
-
Anhang
- Analyse von Iptables-Firewalls
- Risikoanalyse
- Sicherheitsrichtlinien
- Glossar
- Literatur
- Kolophon
- Index
Unterstützte Institutionen

Electronic Frontier Foundation
Defending your civil liberties in a digital world.
https://www.eff.org/Based in San Francisco, EFF is a donor-supported membership organization working to protect fundamental rights regardless of technology.
Die bedingungslose Leanpub, Kein Risiko, 100% zufrieden Garantie
Innerhalb von 60 Tagen ab Kauf kannst du dein Geld zu 100% zurückverlangen, bei jedem Leanpub-Kauf, in nur zwei Klicks. Wir bearbeiten die Erstattungen manuell, daher dauert es ein paar Tage, bis der Betrag ankommt.
Lese die kompletten Bedingungen.
80% Royalties. Earn $16 on a $20 book.
We pay 80% royalties. That's not a typo: you earn $16 on a $20 sale. If we sell 5000 non-refunded copies of your book or course for $20, you'll earn $80,000.
(Yes, some authors have already earned much more than that on Leanpub.)
In fact, authors have earned$12,046,757writing, publishing and selling on Leanpub.
Learn more about writing on Leanpub
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers), EPUB (for phones, tablets, and Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
Top Books
OpenIntro Statistics
David Diez, Christopher Barr, Mine Cetinkaya-Rundel, and OpenIntroA complete foundation for Statistics, also serving as a foundation for Data Science.
Leanpub revenue supports OpenIntro (US-based nonprofit) so we can provide free desk copies to teachers interested in using OpenIntro Statistics in the classroom and expand the project to support free textbooks in other subjects.
More resources: openintro.org.
Talking with Tech Leads
Patrick KuaA book for Tech Leads, from Tech Leads. Discover how more than 35 Tech Leads find the delicate balance between the technical and non-technical worlds. Discover the challenges a Tech Lead faces and how to overcome them. You may be surprised by the lessons they have to share.The Rails 7 Way
Obie Fernandez, Lucas Dohmen, and Tom Henrik AadlandThe Rails™ 7 Way is the comprehensive, authoritative reference guide for professionals delivering production-quality code using modern Ruby on Rails. It illuminates the entire Rails 7 API, its most powerful idioms, design approaches, and libraries. Building on the previous editions, this edition has been heavily refactored and updated.
Mastering STM32 - Second Edition
Carmine NovielloWith more than 1200 microcontrollers, STM32 is probably the most complete ARM Cortex-M platform on the market. This book aims to be the most complete guide around introducing the reader to this exciting MCU portfolio from ST Microelectronics and its official CubeHAL and STM32CubeIDE development environment.
JavaScript for hackers
Gareth HeyesLearn how to find interesting behaviour and flaws in JavaScript. Reading this book you will find the latest and greatest techniques for hacking JavaScript and generating XSS payloads. Includes ways to construct JavaScript using only +[]()! characters. Never heard of DOM Clobbering? This book has all the details.
Functional Event-Driven Architecture
Gabriel VolpeExplore the event-driven architecture (EDA) in a purely functional way. Learn to design and develop distributed systems that scale. Identify common design patterns in such systems.
Take your functional programming skills to the next level by joining me in developing a distributed system powered by Apache Pulsar and Fs2 streams, all in Scala 3!
Build Your Own Redis with C/C++
build-your-own.org- Why build Redis? Two topics to learn: network programming and data structures.
- Why from scratch? A quote from Richard Feynman: "What I cannot create, I do not understand".
- Why C? C is widely used for system programming and infrastructure software.
- Why a book? The real Redis is complex, this book breaks down the essense into easy-to-digest steps.
Machine Learning Q and AI
Sebastian Raschka, PhDHave you recently completed a machine learning or deep learning course and wondered what to learn next? With 30 questions and answers on key concepts in machine learning and AI, this book provides bite-sized bits of knowledge for your journey to becoming a machine learning expert.
Implementing DDD, CQRS and Event Sourcing
Alex LawrenceLearn how to implement DDD, CQRS and Event Sourcing. Understand the theory and put it into practice with JavaScript and Node.js. Utilize an extensive source code bundle and an interactive execution feature for a hands-on experience.
Ansible for DevOps
Jeff GeerlingAnsible is a simple, but powerful, server and configuration management tool. Learn to use Ansible effectively, whether you manage one server—or thousands.
Top Bundles
- #1
Software Architecture
2 Books
"Software Architecture for Developers" is a practical and pragmatic guide to modern, lightweight software architecture, specifically aimed at developers. You'll learn:The essence of software architecture.Why the software architecture role should include coding, coaching and collaboration.The things that you really need to think about before... - #2
CCIE Service Provider Ultimate Study Bundle
2 Books
Piotr Jablonski, Lukasz Bromirski, and Nick Russo have joined forces to deliver the only CCIE Service Provider training resource you'll ever need. This bundle contains a detailed and challenging collection of workbook labs, plus an extensively detailed technical reference guide. All of us have earned the CCIE Service Provider certification... - #3
Modern C++ Collection
3 Books
Get All about Modern C++C++ Standard Library, including C++20Concurrency with Modern C++, including C++20C++20Each book has about 200 complete code examples. Updates are included. When I update one of the books, you immediately get the updated bundle. You can expect significant updates to each new C++ standard (C++23, C++26, .. ) and also... - #4
Pattern-Oriented Memory Forensics and Malware Detection
2 Books
This training bundle for security engineers and researchers, malware and memory forensics analysts includes two accelerated training courses for Windows memory dump analysis using WinDbg. It is also useful for technical support and escalation engineers who analyze memory dumps from complex software environments and need to check for possible... - #5
1500 QUIZ COMMENTATI (3 libri)
3 Books
Tre libri dei QUIZ MMG Commentati al prezzo di DUE! I QUIZ dei concorsi ufficiali di Medicina Generale relativi agli anni: 2000-2001-2003-2012-2013-2014-2015-2016-2017-2018-2019-2020-2021 +100 inediti Raccolti in unico bundle per aiutarvi nello studio e nella preparazione al concorso. All'interno di ogni libro i quiz sono stati suddivisi per... - #6
Practical FP in Scala + Functional event-driven architecture
2 Books
Practical FP in Scala (A hands-on approach) & Functional event-driven architecture, aka FEDA, (Powered by Scala 3), together as a bundle! The content of PFP in Scala is a requirement to understand FEDA so why not take advantage of this bundle!? - #9
Growing Agile: The Complete Coach's Guide
7 Books
Growing Agile: Coach's Guide Series This bundle provides a collection of training and workshop plans for a variety of agile topics. The series is aimed at agile coaches, trainers and ScrumMasters who often find themselves needing to help teams understand agile concepts. Each book in the series provides the plans, slides, handouts and activity... - #10
Mastering Containers
2 Books
Docker and Kubernetes are taking the world by storm! These books will get you up-to-speed fast! Docker Deep Dive is over 400 pages long, and covers all objectives on the Docker Certified Associate exam.The Kubernetes Book includes everything you need to get up and running with Kubernetes!