So you think you know Linux and firewalls eh?

A guy I work with is stuck with a kernel problem (Red Hat if it matters). He’s trying to upgrade/replace an existing kernel to add a firewall right into it. So far, all he has right now is a text file that lists which ports to allow for in/out/both communications.

The question is, where in the kernel does the firewall need to be added and what sort of C commands need to be in there?

I’m no expert but I’m not sure that you need to mess with the kernel at all, save to remove unwanted features. I think that your friend needs to look at IPCHAINS.

Me, I just installed Smoothwall.

Also no expert here, but ya, as already stated, I don’t think the kernel comes into it in most cases. The default RH installation has ipchains (iptables in later RH releases) as an RPM package. Then you just need to steal someone’s ipchains/iptables configuration (typically /etc/sysconfig/iptables), and tweak it :)

The kernel needs to support iptables (or the older ipchains if it’s not at least a 2.4 kernel). I’ve never used Red Hat; their default kernel may support it. If he needs to compile his own kernel, he should look for something like “netfilter” or “packet filtering” in the make menuconfig menus, under networking.

There are several graphical front ends to help configure iptables, for those of us who aren’t awesome enough to face the text file configuration unarmed. I use guarddog.

Just make sure the kernel supports iptables (in newer kernels) or ipchains (in older kernels) when you [menu | x ]config it. Nothing too in depth. Then you can use iptables to configure the firewall to your liking. Then you get to learn the wonderful world of iptables!

In Redhat, the basic “setup” command has a firewall setup option, which runs /usr/bin/redhat-config-securitylevel, which modifies your /etc/sysconfig/iptables file. It’s extremely basic (deny everything except ports/protocols you specify), but depending on your needs, it may do what you want out of the box.

As has been pointed out, iptables is complex. Editing the config file by yourself will require some studying first.
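The approach the replies converge on (leave the kernel alone beyond netfilter support, express the port list as iptables rules in the /etc/sysconfig/iptables format, deny everything not listed), as an added example that is not from any of the posters. The three-column port-list layout and the gen_rules function are my assumptions; the original file's format is not given in the thread.

```shell
#!/bin/sh
# Constructed sample of the port list: "<port> <tcp|udp> <in|out|both>" per line (assumed layout).
PORTLIST='22 tcp in
53 udp both
80 tcp in
443 tcp out'

# gen_rules: read the port list on stdin and emit iptables-restore syntax
# (what /etc/sysconfig/iptables holds) with default-deny INPUT/OUTPUT policies
# and one explicit ACCEPT per listed port and direction.
gen_rules() {
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT DROP [0:0]'
    # loopback and replies to already-allowed connections, so listed ports are usable
    printf '%s\n' '-A INPUT -i lo -j ACCEPT' '-A OUTPUT -o lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    printf '%s\n' '-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    while read -r port proto dir; do
        case "$port" in ''|\#*) continue ;; esac          # skip blank and comment lines
        case "$proto" in tcp|udp) ;; *) echo "bad proto: $proto" >&2; return 1 ;; esac
        case "$dir" in
            in)   printf '%s\n' "-A INPUT -p $proto --dport $port -j ACCEPT" ;;
            out)  printf '%s\n' "-A OUTPUT -p $proto --dport $port -j ACCEPT" ;;
            both) printf '%s\n' "-A INPUT -p $proto --dport $port -j ACCEPT"
                  printf '%s\n' "-A OUTPUT -p $proto --dport $port -j ACCEPT" ;;
            *)    echo "bad direction: $dir" >&2; return 1 ;;
        esac
    done
    printf '%s\n' 'COMMIT'
}

# Generate the rule set for review; loading it is a root step: gen_rules < ports.txt | iptables-restore
printf '%s\n' "$PORTLIST" | gen_rules
```

Review the generated output before loading it; with OUTPUT defaulting to DROP, anything not in the list (DNS, package updates) is blocked until its port is added.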