iptables Syntax
As presented earlier, iptables uses the concept of separate rule tables for different packet processing functionality. Nondefault tables are specified by a command-line option. Three tables are available:
filter— The filter table is the default table. It contains the actual firewall filtering rules. The built-in chains include these:
INPUT
OUTPUT
FORWARD
nat— The nat table contains the rules for Source and Destination Address and Port Translation. These rules are functionally distinct from the firewall filter rules. The built-in chains include these:
PREROUTING (DNAT/REDIRECT)
OUTPUT (DNAT/REDIRECT)
POSTROUTING (SNAT/MASQUERADE)
mangle— The mangle table contains rules for setting specialized packet-routing flags. These flags are then ...
Get Linux Firewalls, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.