iptables Syntax
As presented earlier, iptables uses the concept of separate rule tables for different packet processing functionality. Nondefault tables are specified by a command-line option. Three tables are available:
filter— The filter table is the default table. It contains the actual firewall filtering rules. The built-in chains include these:
  INPUT
  OUTPUT
  FORWARD
nat— The nat table contains the rules for Source and Destination Address and Port Translation. These rules are functionally distinct from the firewall filter rules. The built-in chains include these:
  PREROUTING (DNAT/REDIRECT)
  OUTPUT (DNAT/REDIRECT)
  POSTROUTING (SNAT/MASQUERADE)
mangle— The mangle table contains rules for setting specialized packet-routing flags. These flags are then ...
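As an added example (not from the original text), the following Python code checks a ruleset dump against the nat target placement listed above: DNAT/REDIRECT in PREROUTING or OUTPUT, SNAT/MASQUERADE in POSTROUTING, and none of them in the filter table. It assumes input in iptables-save format; the function name lint and the sample ruleset are constructed for this example.

```python
import shlex

# nat target -> built-in chains, per the text above. Assumption to check on your
# kernel: newer ones also have a nat INPUT chain that accepts SNAT.
NAT_TARGETS = {
    "DNAT": {"PREROUTING", "OUTPUT"}, "REDIRECT": {"PREROUTING", "OUTPUT"},
    "SNAT": {"POSTROUTING"}, "MASQUERADE": {"POSTROUTING"},
}
BUILTIN = {"INPUT", "OUTPUT", "FORWARD", "PREROUTING", "POSTROUTING"}

def lint(dump):
    """Return (line_no, message) findings for text in iptables-save format."""
    findings, table = [], None
    for no, raw in enumerate(dump.splitlines(), 1):
        line = raw.strip()
        if line.startswith("*"):            # "*nat" opens that table's section
            table = line[1:]
        if not line.startswith("-A "):      # skip table/chain headers, COMMIT
            continue
        _, chain, *rest = shlex.split(line)  # shlex keeps quoted comments whole
        target = next((b for a, b in zip(rest, rest[1:]) if a in ("-j", "--jump")), None)
        if target not in NAT_TARGETS:
            continue                        # ACCEPT, DROP, LOG, user chains
        if table != "nat":
            findings.append((no, f"{target} used in table '{table}'; it belongs in nat"))
        elif chain in BUILTIN and chain not in NAT_TARGETS[target]:
            allowed = "/".join(sorted(NAT_TARGETS[target]))
            findings.append((no, f"{target} in nat {chain}; expected {allowed}"))
    return findings

# Constructed, abridged sample dump (documentation addresses, not from the page).
SAMPLE = """\
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -o eth0 -j MASQUERADE
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.0.2.10:8080
-A POSTROUTING -o eth0 -j DNAT --to-destination 192.0.2.10
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

if __name__ == "__main__":
    for no, msg in lint(SAMPLE):
        print(f"line {no}: {msg}")
```

Rules in user-defined chains are not flagged, because whether they are valid depends on which built-in chain jumps to them.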