iptables

This page gives an overview of iptables.


What is iptables

On Linux, packet filtering is handled by netfilter, a kernel module that decides which packets are allowed in, out, or through the host.

iptables is just the user-space interface to netfilter. The two are often thought of as the same thing; a better perspective is to treat netfilter as the back end and iptables as the front end.


What was a firewall again?

A firewall is a network security system that acts as a digital gatekeeper, controlling which data packets may enter or leave your computer. It examines traffic on numbered ports (such as port 80 for web servers or port 22 for SSH) and decides whether to accept, reject, or drop each packet according to rules you define. This selective filtering protects the system from unauthorized access while letting legitimate network communication through.


Why use iptables?

  • More flexibility - firewalld and ufw are simpler to use but limit your options

  • Advanced actions - Beyond just accept/reject, iptables supports NAT, logging, forwarding, and more

  • Full control - Access to complete networking features that simple firewalls can't provide

  • Professional power - Better for complex networking requirements


iptables Architecture

  • Chains - five built-in chains handle packets at different stages:

    • PREROUTING, INPUT, FORWARD, OUTPUT, POSTROUTING

    • Which chains a packet traverses depends on its destination and on how it is routed: packets addressed to the host pass through INPUT, packets routed through the host pass through FORWARD, and locally generated packets pass through OUTPUT

  • Tables - Different tables for different functions:

    • Filter - Most common, controls packet filtering/blocking

    • NAT - Handles Network Address Translation

    • Mangle, Raw, Security - Specialized functions

  • Targets - a target specifies what happens to a packet once a rule matches it:

    • Built-in: ACCEPT, DROP, RETURN

    • Extensions: DNAT, LOG, MASQUERADE, REJECT, SNAT (39 total)

    • Terminating - stop rule processing in the chain (ACCEPT, DROP, REJECT)

    • Non-terminating - modify or record the packet and let processing continue (LOG)
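The following is an added example (not part of the original page) that puts the chains, the filter table and the targets above together. It generates a minimal default-deny INPUT ruleset in the text format that iptables-restore reads, so the rules can be reviewed or tested before they are loaded; the port numbers, the LOG prefix and the rate limit are assumptions chosen for illustration. Loading the rules requires root and a Linux host, so that step is kept in a separate function and is not run by the helpers.

```shell
#!/bin/sh
# Added example, not code from the original page. Builds a host firewall
# ruleset for the filter table in iptables-restore(8) format. Ports and the
# LOG prefix are assumed values for illustration.

# Print the ruleset: default-deny INPUT and FORWARD, allow loopback and
# replies to established connections, allow new SSH and HTTP connections,
# then log (non-terminating, rate limited) before the DROP policy applies.
baseline_ruleset() {
    ssh_port="${1:-22}"
    web_port="${2:-80}"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p tcp --dport ${ssh_port} -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp --dport ${web_port} -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: " --log-level 4
COMMIT
EOF
}

# Default policy of a chain, taken from the ":CHAIN POLICY [..]" header line.
policy_of() {
    baseline_ruleset | sed -n "s/^:${1} \([A-Z]*\) .*/\1/p"
}

# Number of rules that jump to a given target; a quick review check that
# the ruleset contains the expected ACCEPT, DROP and LOG rules.
count_target() {
    baseline_ruleset | grep -c -- " -j ${1}"
}

# Replace the live filter table with the generated ruleset. Needs root;
# iptables-restore atomically swaps the whole table, so a review of the
# printed text above is the last chance to catch a lockout (e.g. wrong SSH port).
load_ruleset() {
    if [ "$(id -u)" -ne 0 ]; then
        echo "load_ruleset: must run as root" >&2
        return 1
    fi
    baseline_ruleset "$@" | iptables-restore
}
```

Run `baseline_ruleset` to print the rules, `count_target ACCEPT` or `policy_of INPUT` to sanity-check them, and `load_ruleset 22 80` as root to apply them. Because INPUT's policy is DROP, anything not explicitly accepted is first logged by the non-terminating LOG rule and then dropped by the chain policy.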

