1-iptables
There are two basic tabletype options for iptables:
| 类型 | 作用 |
|---|---|
| filter | Sets a rule for filtering packets. |
| nat | Configures Network Address Translation, also known as masquerading, discussed later in this chapter. |
Next is the
| 参数 | 作用 |
|---|---|
| -A (--append) | Appends a rule to the end of a chain. |
| -D (--delete) | Deletes a rule from a chain. Specify the rule by the number or the packet pattern. |
| -L (--list) | Lists the currently configured rules in the chain. |
| -F (--flush) | Flushes all of the rules in the current iptables chain. |
| INPUT | All incoming packets are checked against the rules in this chain. |
| OUTPUT | All outgoing packets are checked against the rules in this chain. |
| FORWARD | All packets being sent to another computer are checked against the rules in this chain. |
| -s ip_address | All packets are checked for a specific source IP address. |
| -d ip_address | All packets are checked for a specific destination IP address. |
| DROP | The packet is dropped. No message is sent to the requesting |
computer.|