Since Linux servers can be connected to the Internet, it is very important to run a firewall to control what comes into the computer system, what goes out of the computer system, and what may be forwarded to another computer. A utility called '''iptables''' can be used to set the firewall rules on a Linux server.

Basically, there is a list ('''chain''') of policy rules that <u>'''packets'''</u> must pass-through in order to handle packets. If a packet matches a rule, then an action is taken (some examples include: '''ACCEPT''', '''DROP''', '''REJECT''', or '''LOG'''). If the packet passes through the chain of rules without a match, then the packet is directed to the default policy chain (for example: ''ACCEPT'', ''REJECT'', or ''DROP'').

You can create your own '''customized chains''' (which you will learn in the OPS335 course) but to keep thing simple, we only deal with 3 '''common predefined chains''':