![]() It has INPUT, FORWARD and OUTPUT built-in chains. The security table is for Mandatory Access Control (MAC) implemented by Linux Security Modules. It has PREROUTING and OUTPUT built-in chains. The raw table is for marking the packets so that they are not used in connection tracking. The mangle table is for specialized alteration of certain fields like TOS and TTL in the packet header. ![]() It has PREROUTING, OUTPUT and POSTROUTING built-in chains. The nat table is for configuring the NAT. The filter table has INPUT, FORWARD and OUTPUT built-in chains and is the default table for packet filtering. These are the filter, nat, mangle, raw and security tables. The POSTROUTING chain is for processing the packets just before they go out.įig. The PREROUTING chain is for packets coming on a network interface before any processing. The OUTPUT chain is for packets generated by the local processes with some other host as the destination and are to be sent out. The FORWARD chain is for packets that come to this host but are destined for some other host and hence are to be forwarded. The INPUT chain is for packets meant for the local processes running on the host. ![]() The built-in chains are INPUT, FORWARD, OUTPUT, PREROUTING and POSTROUTING. Once a packet matches a rule, the action specified in the rule is taken on the packet. A chain contains a list of rules which match IP packets based on the criteria specified in a rule. The chains are stored in tables in the kernel.Įach table contains built-in and user-defined chains. The rules for packet filtering are kept in a sequence in chains.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |