iptables

Table

  • nat

  • mangle - for modifying packet header fields, e.g. time to live (TTL), type of service (TOS)

  • filter

Chain

  • INPUT

  • OUTPUT

  • FORWARD

  • PREROUTING

  • POSTROUTING

TARGET

  • ACCEPT

  • DROP

  • REJECT

  • QUEUE

Policy

If no rule in the chain matches, the packet falls through to the chain's default policy.

iptables-save output format: *filter (table header), :Chain (chain declaration with its default policy), then the - rule lines.
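As an added example (not part of the original notes), the following Python parser reads text in the iptables-save format described above and then checks the policy fallback: a built-in filter chain whose default policy is ACCEPT lets through any traffic no rule matched. The sample ruleset is constructed for illustration.

```python
# Added example, not from the original notes: parse iptables-save output and
# check the default policy of each built-in filter chain.
def parse_save(text):
    """Return {table: {chain: {"policy": str, "rules": [str]}}}.

    '*name' opens a table, ':CHAIN POLICY [pkts:bytes]' declares a chain and
    its policy ('-' for user chains), '-A CHAIN ...' appends a rule, 'COMMIT'
    closes the table. '#' lines are comments.
    """
    tables, table = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):
            table = tables.setdefault(line[1:], {})
        elif line == "COMMIT":
            table = None
        elif table is None:
            raise ValueError(f"line outside a table section: {line}")
        elif line.startswith(":"):
            name, policy = line[1:].split()[:2]
            table[name] = {"policy": policy, "rules": []}
        elif line.startswith("-A "):
            chain = line.split()[1]
            table.setdefault(chain, {"policy": "-", "rules": []})
            table[chain]["rules"].append(line)
    return tables

def audit_filter(tables):
    """Flag INPUT/FORWARD chains whose fallback is ACCEPT: when no rule
    matches, the chain policy decides, so unlisted traffic gets through."""
    findings = []
    for name, chain in tables.get("filter", {}).items():
        if name in ("INPUT", "FORWARD") and chain["policy"] == "ACCEPT":
            findings.append(f"{name}: default policy is ACCEPT")
    return findings

# Constructed sample ruleset in iptables-save format (not a real host's dump).
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT
"""
```

Running audit_filter(parse_save(SAMPLE)) reports only FORWARD, since INPUT falls back to DROP.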

conntrack tool

Connection tracking is the ability to keep connection state information in memory.

  • conntrack Command

    • table name: conntrack / expect

      • Parameters:

        • -L $table

          List all conntrack entries in the table

        • -D $table

          Delete all conntrack entries in the table

        • -F $table

          Flush all conntrack entries in the table

      • Options:

        • -p $protocol

          e.g. tcp, udp
