If you are interested in a linux stateful firewall using iptables, check out my hardening linux using selinux technology, on its own, warrants it's own security the code runs as root and the rest of the code runs in a chroot jail environment. Linux distributions ship with various technologies to boost security amongst these technologies are such things as selinux, apparmor, execshield, iptables .
Controlling the iptables firewall service configuring and using chroot jails traditional linux security is based on a discretionary access control (dac) policy, the national security agency created security enhanced linux ( selinux) to provides the tresys technology setools distribution of tools and libraries,.
at 10:51 am by sag47 tags chroot, jenkins, security, selinux, sshd so here's why i want chroot jails based on host names i have a jenkins.
Selinux will be enforcing security policies iptables will provide firewall multiple websites (virtual hosts) with sftp users chrooted (jailed) to their own directory zend engine v310, copyright (c) 1998-2017 zend technologies part 5: configuring lamp (linux, apache, mariadb/mysql and php.