If a service (or port) is blocked in both TCPwrapper and Iptables, which will block the request first and why?
Gilles 'SO- stop being evil'
prado
- IPtables. TCPwrappers come into play only after the TCP connection has been established; it can close connections, but it can't prevent them from being opened. – Satō Katsura Nov 11 '16 at 10:11
- e.g. tcpwrappers are a construct only established at app level in user land. – Rui F Ribeiro Nov 11 '16 at 10:16
2 Answers
Answer: It's iptables (firewall).
Why?
In simple words, TCPwrapper comes in between the firewall and network services.
In the OSI model, TCPwrapper works at the Application layer while iptables works mostly at the Transport layer.
Source: Access Control Using TCP-wrappers
prado
iptables (netfilter) is kernelspace, tcp wrappers are userspace.
Ipor Sircer
- That's true, but it doesn't have any bearing on the question. – Gilles 'SO- stop being evil' Nov 11 '16 at 23:33
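The ordering described in the comments and answers above, as an added example that is not part of the original thread: a loopback listener applies a TCP Wrappers-style deny check in userspace, and the client's `connect()` still succeeds because the kernel completes the handshake before that check runs. The `DENIED` set and the function names are constructed for illustration; no real `hosts.deny` or libwrap is involved.

```python
import socket
import threading

DENIED = {"127.0.0.1"}  # constructed deny list, standing in for /etc/hosts.deny


def wrapped_service(listener, log):
    """Userspace check in the style of TCP Wrappers: it runs only after accept()."""
    conn, (peer_ip, _port) = listener.accept()   # handshake was already completed by the kernel
    with conn:
        if peer_ip in DENIED:
            log.append(("denied-after-accept", peer_ip))
            return                               # all it can do is close the open connection
        conn.sendall(b"service banner\n")
        log.append(("served", peer_ip))


def probe():
    """Return (connect_succeeded, bytes_received, server_log) for one denied client."""
    log = []
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind(("127.0.0.1", 0))              # ephemeral loopback port
    listener.listen(1)
    port = listener.getsockname()[1]
    worker = threading.Thread(target=wrapped_service, args=(listener, log))
    worker.start()

    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.settimeout(5)
    try:
        client.connect(("127.0.0.1", port))      # SYN / SYN-ACK / ACK all succeed
        connected = True
        data = client.recv(64)                   # b"" means the server closed without serving
    except OSError:
        connected, data = False, b""
    finally:
        client.close()
        worker.join(5)
        listener.close()
    return connected, data, log


if __name__ == "__main__":
    print(probe())
```

An iptables rule that drops the SYN would instead make `connect()` time out before the service ever sees the client, which this unprivileged example does not set up.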