Iptables is a command-line firewall tool on Linux. It lets the sysadmin of a Linux system control incoming and outgoing traffic through rules written for iptables itself. Using iptables is actually easy, and it is often a basic requirement on a server, especially one exposed to the public. This matters more and more, since security threats keep growing in this increasingly connected era.
Iptables works with tables, each holding a set of rules created by the iptables user. There are 3 types of tables:
- FILTER: the default table. It contains the chains INPUT (packets that go to the LAN), FORWARD (packets routed through the system) and OUTPUT (packets generated locally).
- NAT: the table consulted when a new connection appears. It contains PREROUTING (manipulates packets as soon as they are received), OUTPUT (manipulates packets generated locally) and POSTROUTING (manipulates packets about to leave).
- MANGLE: the table used to alter packets. In the 2.4 kernel it had only 2 chains, but now there are 5:
  - PREROUTING: manipulates incoming connections.
  - OUTPUT: manipulates local packets.
  - INPUT: manipulates incoming packets.
  - POSTROUTING: manipulates packets that are about to go out.
  - FORWARD: for packets routed through the system.
The points above are the foundation for understanding the parameters and tables in iptables. With them, reading the meaning of an iptables rule becomes easy.
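The following script is an added example, not part of the original article: it builds a minimal ruleset for a publicly exposed server that touches all three tables and chains described above, emitted in iptables-restore format. The interface name eth0, the ports 22/80/443/8080 and the internal host 10.0.0.5 are constructed assumptions; nothing is applied unless APPLY=1 is set and the script runs as root.

```shell
#!/bin/sh
# Added example (not the page's own code). Prints a ruleset covering the
# FILTER, NAT and MANGLE tables; applies it via iptables-restore only if APPLY=1.
# Constructed assumptions: public interface eth0, SSH on 22, web on 80/443,
# an internal web host 10.0.0.5 reachable through DNAT on port 8080.

build_ruleset() {
  cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -j LOG --log-prefix "iptables-dropped: " --log-level 4
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -d 10.0.0.5 -p tcp --dport 8080 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 8080 -j DNAT --to-destination 10.0.0.5:8080
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 22 -j TOS --set-tos Minimize-Delay
COMMIT
EOF
}

# Count the -A rules inside one table of the generated ruleset (no root needed).
count_rules() {
  build_ruleset | awk -v t="*$1" \
    '$0==t{on=1;next} /^COMMIT/{on=0} on && /^-A/{n++} END{print n+0}'
}

if [ "${APPLY:-0}" = "1" ]; then
  build_ruleset | iptables-restore
else
  build_ruleset
fi
```

The FORWARD and DNAT rules only take effect once IP forwarding is enabled (net.ipv4.ip_forward=1); the LOG rule records what the default-deny INPUT policy drops, which is the first place to look when a legitimate service stops answering.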