Linux firewall provides a scalable mechanism for developers. After a thorough research of SVM principle, this paper, proposes the design and implementation of Linux firewall system based on SVM. The Netfilter framework is used to capture network packets. In the users’ space, anomaly network traffic is classified by support vector machine algorithm module and the rules of Iptables are added dynamically. Thus, the function of defending network attacks is realized. The experimental results demonstrate that the proposed system model has high detection accuracy for the classification of abnormal traffic. It proves that the SVM algorithm is feasible and effective in Linux firewall.