How does firewall works from point of view of kernel (on Linux)?

Question

I've been looking to learn some of the kernel's internals, and one thing that is interesting to me is the networking side of linux, I'm not on latest kernel just yet, I have the source code for linux 4.4.60 compiled for raspberry pi 3.I want to understand how the kernel's firewall/packet filtering works?before posting this thread I made sure to look through /docs directory in the kernel's source, most of what I found seems to be focused on writing/developing a network device.I would appreciate any pointers or links to resources.thank you.

LinuxBender · Accepted Answer

Here [1][2] is a diagram that may provide a high level view. There are other diagrams that get into more details. Those would be good starting points to search for so that the documentation makes more sense. It may also be worth searching on Youtube for videos of people doing a walk-through of packet flows in Netfilter.
[1] - https://upload.wikimedia.org/wikipedia/commons/thumb/3/37/Ne...
[2] - https://en.wikipedia.org/wiki/Netfilter

throwaway29303 · Answer

http://linux-ip.net/ more specifically http://linux-ip.net/pages/diagrams.htmlhttps://docs.kernel.org/networking/index.htmlhttps://www.kernel.org/doc/Documentation/networking/ip-sysct...Have fun. 8-)