Specifications

Figure 4.1: Course of a Packet with iptables
PREROUTING, OUTPUT, and POSTROUTING. Figure 4.1 attempts to illustrate
the interplay of nat and filter tables.
Note
Course of a packet
All packets must pass through both a nat and a filter table before
they can reach a computer program.
Note
The iptables program has an implicit parameter -t [filter]: unless
told otherwise, it operates on the filter table. To address another
table, specify it with the -t [table name] option. For example, to add
a rule to the POSTROUTING chain in the nat table, enter the command
/sbin/iptables -t nat -A POSTROUTING....
The implicit parameter -t [filter] also applies to other operations.
For example, the command iptables -t nat -L -nv lists the rules of
the nat table. The commands iptables -L -nv and
iptables -t filter -L -nv both list the rules of the filter table.
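The implicit -t filter is easy to overlook when reviewing a firewall script: a rule meant for a nat chain but written without -t nat is applied to the filter table instead. The following shell sketch is an added example, not part of the original manual. It reports the table each command line addresses and whether the named chain is built into that table. The function names and sample rules are constructed for illustration, the nat chains are the three named on this page, and the filter chains INPUT, FORWARD, and OUTPUT are taken from the iptables man page.

```shell
#!/bin/sh
# Added example: lint iptables command lines for the table they address.
# Built-in chains: nat as named on this page; filter per iptables(8).
builtin_chains() {
    case "$1" in
        filter) echo "INPUT FORWARD OUTPUT" ;;
        nat)    echo "PREROUTING OUTPUT POSTROUTING" ;;
    esac
}

# check_rule "<command line>" prints "<table> <chain> <status>".
# status: builtin, not-builtin (user-defined chain or missing -t), none.
check_rule() {
    cr_table=filter            # implicit -t filter when -t is absent
    cr_chain=-
    set -f                     # keep words such as * from globbing
    set -- $1                  # split the command line into words
    set +f
    while [ $# -gt 0 ]; do
        case "$1" in
            -t|--table)
                [ $# -ge 2 ] || break
                cr_table=$2; shift ;;
            -A|-I|-D|--append|--insert|--delete)
                [ $# -ge 2 ] || break
                cr_chain=$2; shift ;;
        esac
        shift
    done
    if [ "$cr_chain" = - ]; then
        cr_status=none         # no chain operation, e.g. a plain -L listing
    else
        case " $(builtin_chains "$cr_table") " in
            *" $cr_chain "*) cr_status=builtin ;;
            *)               cr_status=not-builtin ;;
        esac
    fi
    echo "$cr_table $cr_chain $cr_status"
}

# Constructed sample rules (not taken from the manual).
while IFS= read -r rule; do
    printf '%-32s %s\n' "$(check_rule "$rule")" "$rule"
done <<'EOF'
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -t nat -L -nv
EOF
```

A not-builtin result for a chain such as POSTROUTING in the filter table usually means the -t nat option was forgotten; for other names it may simply be a user-defined chain.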
Packet Descriptions
With iptables, it is possible to check many features of packets. Only a few
of these are mentioned here as examples. For more on this subject, see the
man page for iptables (man 8 iptables). The following criteria are often
used: