User:ScotXW/Template:Firewall software/doc

Usage

  1. The term "firewall" is not really defined. Beginners should familiarize themselves with netfilter or its successor nftables. Both are "packet filters", though they are actually capable of doing more, e.g. NAT. It simply makes sense to combine these two very different functions. What they have in common is that they handle datagrams, above the network stack, and are parts of the kernel. iptables is regularly confused with netfilter, though the relation is very simple: iptables is the user-space program to configure netfilter.
    1. Some people consider the usage of netfilter/iptables too complicated, so a couple of wrapper programs have been written: e.g. Uncomplicated Firewall uses iptables to configure netfilter. ;-)
  2. It is conceivable to program a packet filter that works in user-space and only for a certain user. Such a filter is sometimes called a "personal firewall", because it's meant to work for one user only. Often, such software is employed to prevent installed software from connecting to the Internet without the user knowing or wanting this behavior, rather than the other way around.
  3. Proxy server software is completely different from a packet filter but can still act as a firewall, especially if the term firewall should not only refer to packet filters.
  4. Computer appliances are separate and discrete hardware devices with integrated software; e.g. any Linksys WRT54G series with OpenWrt installed on it and with netfilter configured accordingly is a firewall/router appliance. With additional software and configuration it becomes a "hotspot appliance", etc. The numerous available Cisco, Juniper, Huawei, etc. products were not mentioned for reasons I don't understand, so maybe delete this section or create a separate navbar for it...
  5. People who understand networking (Ethernet, Internet Protocol, etc.) will find some use in this navbar. Others will be confused beyond sissyland.