Published July 17th, 2003 by Jim O'Halloran
Firewall /proc entries
SecurityFocus has an informative article on the various /proc entries and how they can be used to improve security on a Linux firewall or router.
Most people, when creating a Linux firewall, concentrate solely on manipulating kernel network filters: the rulesets you create using userspace tools such as iptables (2.4 kernels), ipchains (2.2 kernels), or even ipfwadm (2.0 kernels).
However, there are kernel variables — independent of any kernel filtering rules — that affect how the kernel handles network packets. This article will discuss these variables and the effect they have on the network security of your Linux host or firewall.