Linux Firewall Management Tools Overview

Two systems built into Ubuntu manage network routing: route (a legacy tool) and ip route. Both use the same underlying code, yet report networking context a bit differently. Ip route has a larger command set. Although route has been deprecated for some time, I still find it useful under some circumstances as it provides a different perspective of the routing table not available with ip route.

Route and ip route view and manipulate network routes. A route tells your server where to find the other network devices it wants to talk to, based on the destination network address. You can visualize route and ip route as a system of roadways, and iptables as a system of traffic lights that regulates the flow of traffic on those roadways. Of course, you could use only route and ip route, and you'd be able to route network traffic just fine. What you would lose is the ability to fine-tune the traffic's behavior. Route and ip route control where things go, while iptables controls what is allowed to go there. Route is a system of pipes, while iptables filters the data flowing inside those pipes.

To make things a bit more complicated, there is another filtering tool, ip rules, which is part of the routing subsystem called the Routing Policy Database (RPDB). Ip rules allows the use of multiple independent routing tables, plus selection rules that control which traffic is matched and which routing table it is looked up in. It may be possible to use ip rules without iptables and still accomplish your goals. However, as you'll see later on, iptables is more powerful.
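The two ideas above (a routing table answers "where do I send this destination?" and the RPDB answers "which routing table do I consult for this traffic?") can be seen together in a small simulation. The following Python is an added example, not code from the original text; it embeds constructed sample text in the format of `ip rule show` and `ip route show table <name>` output (no real host was captured), parses both, and resolves a source/destination pair the way the kernel does: walk the RPDB rules in priority order, pick the first table whose selector matches, then do a longest-prefix match inside that table. The `local` table is deliberately not modelled, so that rule is skipped.

```python
import ipaddress

# Constructed sample output in the shape of `ip rule show` (the RPDB).
# Priority 100 is a policy rule added for this example: traffic sourced
# from 10.0.0.0/24 is looked up in routing table 100 instead of main.
IP_RULE_SHOW = """\
0:      from all lookup local
100:    from 10.0.0.0/24 lookup 100
32766:  from all lookup main
32767:  from all lookup default
"""

# Constructed sample output in the shape of `ip route show table <name>`.
IP_ROUTE_TABLES = {
    "main": """\
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.10
10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.1
""",
    "100": """\
default via 10.0.0.254 dev eth1
10.0.0.0/24 dev eth1 scope link
""",
}


def parse_rules(text):
    """Parse `ip rule show` lines into (priority, source_selector, table).

    source_selector is None for 'from all', otherwise an ip_network.
    """
    rules = []
    for line in text.splitlines():
        if not line.strip():
            continue
        prio, rest = line.split(":", 1)
        tokens = rest.split()  # e.g. ['from', '10.0.0.0/24', 'lookup', '100']
        src = tokens[tokens.index("from") + 1]
        table = tokens[tokens.index("lookup") + 1]
        selector = None if src == "all" else ipaddress.ip_network(src)
        rules.append((int(prio), selector, table))
    return sorted(rules, key=lambda r: r[0])


def parse_routes(text):
    """Parse `ip route show` lines into (network, via, dev)."""
    routes = []
    for line in text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        prefix = "0.0.0.0/0" if tokens[0] == "default" else tokens[0]
        net = ipaddress.ip_network(prefix)
        via = tokens[tokens.index("via") + 1] if "via" in tokens else None
        dev = tokens[tokens.index("dev") + 1]
        routes.append((net, via, dev))
    return routes


def lookup(routes, dst):
    """Longest-prefix match within one table: the most specific route wins."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: r[0].prefixlen)


def resolve(src, dst, rules, tables):
    """Walk the RPDB in priority order; the first table holding a route wins."""
    src_addr = ipaddress.ip_address(src)
    for _prio, selector, table in rules:
        if selector is not None and src_addr not in selector:
            continue  # rule selector does not match this traffic
        if table not in tables:
            continue  # 'local' and 'default' are not modelled in this example
        hit = lookup(tables[table], dst)
        if hit is not None:
            net, via, dev = hit
            return {"table": table, "prefix": str(net), "via": via, "dev": dev}
    return None


if __name__ == "__main__":
    rules = parse_rules(IP_RULE_SHOW)
    tables = {name: parse_routes(txt) for name, txt in IP_ROUTE_TABLES.items()}
    for src, dst in [("192.168.1.10", "8.8.8.8"), ("10.0.0.1", "8.8.8.8")]:
        print(src, "->", dst, resolve(src, dst, rules, tables))
```

The same destination (8.8.8.8) leaves through eth0 via 192.168.1.1 when sourced from 192.168.1.10, but through eth1 via 10.0.0.254 when sourced from 10.0.0.1, because the RPDB sends the second case to table 100 before the main table is ever consulted. Note that nothing here decides whether a packet is permitted; that remains the job of iptables.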

Here's a quick-reference diagram demonstrating the relationship between commands and processes.

Figure 4: Linux Networking Concepts and Associated Tools

And here's a high-level overview of the process flow.

Figure 5: Packet Routing Tree