A detailed explanation of iptables

2025-01-19 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

An ordered list of rules forms a chain.

A set of chains forms a table.

The default iptables table is called "filter" and contains three default chains.

For each packet, the kernel chooses the appropriate one of the three chains to process it:

- FORWARD: chain rules for packets that arrive on one network interface and are forwarded out through another network interface

- INPUT: chain rules for packets destined for the local host

- OUTPUT: chain rules for packets sent from the local host

In addition to the filter table, iptables contains the "nat" and "mangle" tables.

The chains in the mangle table modify or alter the contents of network packets, outside the scope of NAT and packet filtering.

Although the mangle table is convenient for special processing of packets, such as resetting the TTL value of IP packets, it is generally not used in most work environments.

The functions of the three rule tables are as follows:

nat: this rule table has two rule chains, PREROUTING and POSTROUTING.

Its main function is one-to-one, one-to-many and many-to-many address translation (SNAT, DNAT).

This rule table should not be used for any purpose other than address translation.

mangle: this rule table has three rule chains: PREROUTING, FORWARD, and POSTROUTING.

Besides the packet rewriting done during address translation, some special applications may also need to rewrite packets (TTL, TOS) or set a MARK (to mark packets for subsequent filtering); in those cases the work must be defined in the mangle rule table.

Due to low usage, we are not going to discuss the use of mangle here.

filter: this rule table is the default rule table, with three rule chains: INPUT, FORWARD and OUTPUT.

As the name implies, this rule table is used for packet filtering (for example, DROP, LOG, ACCEPT, or REJECT).

We will establish all the basic rules in this rule table.
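The following shell script is an added example, not part of the original article. It reads a ruleset in iptables-save format, prints the table / chain / rule hierarchy described above, and flags DROP or REJECT rules placed in the nat table, which the text reserves for address translation. The ruleset and the function names sample_rules, summarize and misplaced_filtering are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample ruleset in iptables-save format (not from the article).
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport 23 -j DROP
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
EOF
}

# One line per chain: "<table> <chain> <default policy> <number of rules>".
# "*name" opens a table, ":CHAIN POLICY" declares a chain, "-A CHAIN" adds a rule.
summarize() {
  awk '
    /^\*/ { table = substr($0, 2); next }
    /^:/  { key = table " " substr($1, 2); policy[key] = $2; order[++n] = key; next }
    /^-A/ { count[table " " $2]++ }
    END   { for (i = 1; i <= n; i++)
              printf "%s %s %d\n", order[i], policy[order[i]], count[order[i]] }
  '
}

# Print nat-table rules whose target is a filtering verdict (DROP or REJECT).
# Filtering belongs in the filter table; nat is for address translation only.
misplaced_filtering() {
  awk '
    /^\*/ { table = substr($0, 2); next }
    /^-A/ && table == "nat" {
      for (i = 1; i < NF; i++)
        if ($i == "-j" && ($(i + 1) == "DROP" || $(i + 1) == "REJECT"))
          print table ": " $0
    }
  '
}

sample_rules | summarize
sample_rules | misplaced_filtering
```

On a live host the same functions can be fed from a saved ruleset file instead of sample_rules.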

Reference: http://blog.chinaunix.net/uid-26000296-id-4111127.html
