Duration: 3 days (7 hours per day)
Day 1 – Stateful Filtering, Connection Tracking & NAT
- Chapter 1: Stateful Packet Inspection
  - Understanding connection tracking (conntrack)
  - Stateful rules vs stateless rules
  - Handling ESTABLISHED, RELATED, NEW connections
- Chapter 2: Advanced iptables Rules
  - Custom chains for modular rule sets
  - Using the mangle table for packet modification
  - NAT scenarios: SNAT, DNAT, Masquerading
- Chapter 3: Advanced nftables Concepts
  - Tables, chains, hooks, and priorities
  - Sets, maps, and concatenated keys
  - State tracking in nftables
Day 2 – Traffic Control, Rate Limiting & Security
- Chapter 4: Rate Limiting & DoS Mitigation
  - Using the limit and hashlimit modules in iptables
  - nftables equivalents: limit rate, quota
  - Dropping suspicious traffic patterns
- Chapter 5: Logging & Auditing
  - Advanced logging with LOG, NFLOG, ulogd2
  - Monitoring traffic anomalies
  - Alerting on unusual activity
- Chapter 6: Firewall Policies for Security
  - Default deny strategies
  - Layered rules for DMZ, internal networks, VPN
  - Blocking malformed packets, TCP flag attacks
Day 3 – Complex Deployment & Integration
- Chapter 7: Firewall Integration with Services
  - Combining iptables/nftables with fail2ban
  - Integrating with intrusion detection (Snort/Suricata)
  - Automating rule deployment via scripts or Ansible
- Chapter 8: Advanced NAT & Port Forwarding
  - Complex DNAT/SNAT scenarios
  - Transparent proxying and load balancing
  - Multi-interface routing rules
- Chapter 9: Troubleshooting & Performance Tuning
  - Diagnosing dropped packets
  - Debugging nftables/iptables rulesets
  - Optimizing rule order and sets for high performance