
IPTables

In Linux, a program called IPTables helps manage the flow of network packets. IPTables manages that flow according to a ruleset that you maintain from the command line. To modify IPTables you need sudo privileges.

Terminology

  1. Targets - A target is the final decision about what to do with a packet.
  2. Rules - A rule determines which target is applied to a packet, based on match criteria.
  3. Chains - A chain is a set of rules applied at a particular stage of packet processing.
  4. Tables - Tables are collections of chains.

Targets

Rules

Chains

Here are the chain types:

  • Prerouting - this chain processes packets as soon as the host receives them.
  • Input - the rules in this chain process packets destined for the host itself.
  • Forward - this set of rules controls packets that are routed through the host.
  • Output - this chain processes outbound packets generated by the host.
  • Postrouting - the rules in this chain allow changes to packets after they leave the Output chain, right before they leave the host.

Tables

Each table provides a specific set of chains in which its rules can be placed:

  • Filter - Used for firewall-like features: deciding which packets should or should not be accepted by the host.
    • Input
    • Output
    • Forward
  • NAT (Network Address Translation) - Used to apply rules at the NAT level, typically when the source or destination address of a packet needs to be rewritten.
    • Prerouting
    • Output
    • Postrouting
  • Mangle - Used to modify header fields of packets, e.g. the TTL.
    • Prerouting
    • Input
    • Forward
    • Output
    • Postrouting
  • Raw
    • Prerouting
    • Output
  • Security - only included in some versions of Linux
    • Input
    • Output
    • Forward
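The script below is an added example, not code from the original page. It ties the terminology and the chain/table listings together: every command names a table (`-t`), a chain (`-A` to append a rule, `-P` to set the chain's default policy), match criteria, and a target (`-j`). A small `valid_chain` helper enforces the table-to-chain mapping listed above, so a rule aimed at a chain the table does not have is rejected before `iptables` is ever called. The SSH port (22) and uplink interface (`eth0`) are assumed placeholders; the `APPLY` switch, `ipt`, `host_firewall`, `masquerade_uplink`, `normalize_ttl` and `show_chain` are names chosen for this example. Without `APPLY=1` the script only prints the commands it would run, so it can be read and tested without root.

```shell
#!/bin/sh
# Added example (not from the original page). Builds a small ruleset using the
# terms above: TABLE (-t), CHAIN (-A/-P), match CRITERIA, and TARGET (-j).
# Assumed placeholders: SSH on port 22, uplink interface eth0.
# By default the iptables commands are printed; set APPLY=1 (as root) to run them.

SSH_PORT="${SSH_PORT:-22}"
WAN_IF="${WAN_IF:-eth0}"

# valid_chain TABLE CHAIN: succeed only if CHAIN is a built-in chain of TABLE
# (the mapping listed on this page).
valid_chain() {
    case "$1:$2" in
        filter:INPUT|filter:OUTPUT|filter:FORWARD) return 0 ;;
        nat:PREROUTING|nat:OUTPUT|nat:POSTROUTING) return 0 ;;
        mangle:PREROUTING|mangle:INPUT|mangle:FORWARD|mangle:OUTPUT|mangle:POSTROUTING) return 0 ;;
        raw:PREROUTING|raw:OUTPUT) return 0 ;;
        security:INPUT|security:OUTPUT|security:FORWARD) return 0 ;;
        *) return 1 ;;
    esac
}

# ipt TABLE ACTION CHAIN ARGS...: check the table/chain pair, then print the
# full iptables command (default) or execute it (APPLY=1). The printed form
# drops shell quoting, which is fine for reading but not for re-execution.
ipt() {
    table="$1"; action="$2"; chain="$3"; shift 3
    valid_chain "$table" "$chain" || {
        echo "ipt: chain $chain is not part of table $table" >&2
        return 1
    }
    if [ -n "$APPLY" ]; then
        iptables -t "$table" "$action" "$chain" "$@"
    else
        echo "iptables -t $table $action $chain $*"
    fi
}

# filter/INPUT: packets addressed to this host. Default-deny, then allow
# loopback, replies to connections the host started, and new SSH sessions.
# Dropped packets are logged (rate-limited) so they show up in syslog.
host_firewall() {
    ipt filter -P INPUT DROP   # policy = target used when no rule matches
    ipt filter -A INPUT -i lo -j ACCEPT
    ipt filter -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    ipt filter -A INPUT -p tcp --dport "$SSH_PORT" -m conntrack --ctstate NEW -j ACCEPT
    ipt filter -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: "
}

# nat/POSTROUTING: rewrite the source address of packets leaving via the
# uplink (the "source modified" case described for the NAT table).
masquerade_uplink() {
    ipt nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE
}

# mangle/OUTPUT: the header-modification example given above (TTL).
normalize_ttl() {
    ipt mangle -A OUTPUT -j TTL --ttl-set 64
}

# show_chain TABLE CHAIN: list a chain with counters and rule numbers (needs root).
show_chain() {
    valid_chain "$1" "$2" || return 1
    iptables -t "$1" -L "$2" -n -v --line-numbers
}

# Usage: sh iptables-example.sh          (print the commands)
#        sudo APPLY=1 sh iptables-example.sh   (apply them)
host_firewall && masquerade_uplink && normalize_ttl
```

Rules are appended in order and the first match wins, so the ESTABLISHED,RELATED rule sits near the top and the LOG rule last; setting the INPUT policy to DROP makes the chain's default target the safe one, while OUTPUT and FORWARD keep their existing policies.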