iptables is the user-space tool for the Linux kernel's netfilter packet filter; it is specific to Linux, not a general unix facility. Fedora Core uses iptables.
1. Defining Rules
Allow input via tcp on port 22 (ssh) over the external interface "eth0". -I inserts the rule at the head of the INPUT chain, ahead of any rule already there:
bash# iptables -I INPUT -i eth0 -p tcp --destination-port 22 -j ACCEPT
2. Location
FC stores its iptables configuration in /etc/sysconfig/iptables, in the format written by iptables-save; the iptables init script loads that file with iptables-restore at boot.
3. FC and saving iptables rules
To make rules permanent, configure them with iptables and then
save the running ruleset with the "iptables-save" command, redirecting the output
to /etc/sysconfig/iptables (on FC, "service iptables save" writes the same file):
bash# /sbin/iptables-save > /etc/sysconfig/iptables
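Sections 1 to 3 together describe one procedure: write rules, save them in the iptables-save format, load them at boot. The script below is an added example (not from the original notes) that generates a minimal default-deny ruleset directly in that format, checks that it opens the intended port, and installs it. It assumes the Fedora Core paths /etc/sysconfig/iptables and /sbin/iptables-restore; the interface name and ssh port are parameters, and the function names are my own.

```shell
#!/bin/sh
# Added example (not from the original notes): build a minimal default-deny
# ruleset in the iptables-save format that /etc/sysconfig/iptables uses, check
# it, and install it. Assumes the Fedora Core paths /etc/sysconfig/iptables and
# /sbin/iptables-restore; interface and ssh port are parameters.

# Print a filter-table ruleset for external interface $1 that accepts new ssh
# connections on tcp port $2. The port must be a number in 1..65535, so a
# mistyped value fails loudly instead of quietly opening some other service.
make_ruleset() {
    iface=$1
    port=$2
    [ -n "$iface" ] || { echo "make_ruleset: interface required" >&2; return 1; }
    case $port in
        ''|*[!0-9]*) echo "make_ruleset: port must be numeric, got '$port'" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "make_ruleset: port out of range: $port" >&2
        return 1
    fi
    # iptables-restore ignores lines that start with '#'
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback, and packets belonging to connections already allowed
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# new ssh connections, only on the external interface
-A INPUT -i $iface -p tcp --dport $port -m state --state NEW -j ACCEPT
# rate-limited log of everything else; the DROP policy then discards it
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: "
COMMIT
EOF
}

# Succeed if the ruleset on stdin accepts new tcp connections to port $1.
ruleset_opens_tcp_port() {
    grep -q -- "-p tcp --dport $1 .*-j ACCEPT"
}

# Write the ruleset to /etc/sysconfig/iptables and load it into the kernel.
# Must run as root on the firewall itself; nothing is written if generation fails.
install_ruleset() {
    tmp=$(mktemp /tmp/iptables.XXXXXX) || return 1
    if make_ruleset "$1" "$2" > "$tmp" &&
       cp "$tmp" /etc/sysconfig/iptables &&
       /sbin/iptables-restore < /etc/sysconfig/iptables; then
        rm -f "$tmp"
        return 0
    fi
    rm -f "$tmp"
    return 1
}

# Usage: sh make-fw.sh eth0 22   (prints the ruleset to stdout; as root,
#        call install_ruleset eth0 22 to write and load it)
if [ $# -eq 2 ]; then
    make_ruleset "$1" "$2"
fi
```

Generating the file rather than hand-editing a saved dump keeps the policy lines visible: iptables-save dumps whatever is currently loaded, so a stray test rule or an ACCEPT policy gets saved along with everything else. Run "make_ruleset eth0 22 | ruleset_opens_tcp_port 22" before installing to confirm the port you meant is the port you opened.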
X. Flushing iptables chains
The rules in the currently defined iptables chains can be flushed (emptied) with the -F option, and user-defined chains themselves can be deleted with -X.
Displaying the current chains and rules:
bash # iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ufw-before-logging-input  all  --  anywhere             anywhere
[snip]
Chain ufw-before-input (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
[snip]
Flushing the rules:
bash # iptables -F
The chains will still exist after the flush (e.g., "ufw-before-input" and so on in the previous example). To delete the user-defined chains, issue:
bash # iptables -X
Two caveats. -X only removes user-defined chains that are empty and no longer referenced; the built-in INPUT, FORWARD and OUTPUT chains cannot be deleted. Without -t, both -F and -X act on the filter table only (repeat them with -t nat and -t mangle for a full reset), and neither touches a chain's policy: if INPUT's policy is DROP, flushing removes the ACCEPT rules and leaves everything blocked, which on a remote box is a lockout. Set the policies to ACCEPT with -P before flushing.
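The lockout risk above comes down to ordering, so here is the reset as a script. This is an added example, not part of the original notes; it assumes iptables lives at /sbin/iptables as on Fedora Core and lets that path be overridden so the command sequence can be dry-run against a stub before it is pointed at a live firewall.

```shell
#!/bin/sh
# Added example (not from the original notes): reset the packet filter in an
# order that cannot lock out a remote admin. IPTABLES defaults to the Fedora
# Core path and can be overridden (e.g. with a logging stub) to dry-run the
# sequence before running it on a live box.
IPTABLES=${IPTABLES:-/sbin/iptables}

# Open the built-in policies FIRST: -F removes the ACCEPT rules but leaves the
# policies alone, so flushing under a DROP policy blocks everything, ssh
# included. Then empty and delete the chains of every table, since -F/-X
# without -t only touch the filter table. Stops at the first failing command.
safe_flush() {
    for chain in INPUT FORWARD OUTPUT; do
        "$IPTABLES" -P "$chain" ACCEPT || return 1
    done
    for table in filter nat mangle; do
        "$IPTABLES" -t "$table" -F || return 1   # flush all chains
        "$IPTABLES" -t "$table" -X || return 1   # delete user-defined chains
        "$IPTABLES" -t "$table" -Z || return 1   # zero the packet counters
    done
}

# Run for real only when asked explicitly:  sh flush-fw.sh --run
if [ "${1:-}" = "--run" ]; then
    safe_flush
fi
```

To see what the script would do without touching the kernel, point IPTABLES at a shell function that just echoes its arguments; the first three lines it prints must be the -P policy changes, and nothing that comes after can then lock you out.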
4. IPTables for BitTorrent/Azureus
The following 2 iptables entries open port 6881 (the default bittorrent
port) for new tcp and udp connections. The firewall configuration is presumed
to be a single system (i.e., the firewall runs on the same box as the bittorrent
client). The external interface is assumed to be ppp0. "-I INPUT 1" inserts
each rule at the top of the INPUT chain, so it is matched before any later
DROP or REJECT rule:
bash # iptables -I INPUT 1 -i ppp0 -p tcp --tcp-flags SYN,RST,ACK SYN --dport 6881 -m state --state NEW -j ACCEPT
bash # iptables -I INPUT 1 -i ppp0 -p udp --dport 6881 -m state --state NEW -j ACCEPT
For NAT/Firewall configuration within Azureus, see the Azureus Wiki, and
specifically:
http://www.azureuswiki.com/index.php/Firewalling#Configuring_Iptables_.28Linux.29
For best results when downloading torrents, open the following tcp and udp
ports:
Distributed DB torrent port: 6881
udp tracker: 6969
TCP SSL Tracker: 7000
5. IPTables script generator
A script for iptables is available via http which allows configuration
options like opening ports and standard services (like ssh and etc). This
is available at:
http://easyfwgen.morizot.net/gen/index.php
6. IPTables documentation
There is plenty of iptables documentation around. See for example:
http://www.linuxguruz.com/iptables/howto/maniptables.htm
http://www.hackorama.com/network/portfwd.shtml