Packet filtering with iptables is one of the most confusing topics for a Linux newbie. At the start, almost everyone has a hard time getting their head around the basics. I hope this article will serve as a basic introduction to the concept of packet filtering,
Where does iptables fit in?
Iptables is the most common packet filtering package and is distributed with almost every known Linux distribution. Before it, ipchains was the preferred packet filtering application.
Understanding packet filtering
The basic concept of packet filtering is very simple. Every network packet that comes into or goes out of the machine is checked against a set of rules, and depending upon those rules the packet is either allowed to continue, dropped, or even altered.
In order to understand iptables, one has to understand the structure of chains and tables. For packet filtering purposes, we are only going to deal with the FILTER queue (the filter table; the other tables are covered later in another topic). In iptables, you basically have three built-in chains in the FILTER queue. These are INPUT, OUTPUT and FORWARD.
Depending upon the source and destination of a network packet, the packet traverses one of these chains.
- A packet generated by your machine itself goes through the OUTPUT chain.
- A packet whose destination is your machine goes through the INPUT chain.
- Any packet that merely passes through your machine, without your machine being the final destination, is checked against the FORWARD chain.
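As an added example (not from the original article), here is a minimal default-deny ruleset for the FILTER queue in iptables-restore format; it gives each of the three built-in chains an explicit policy and shows that rules are matched in order, with the policy applied to whatever nothing matched. The HOST_SSH_PORT variable and the function names are assumptions of this example.

```shell
#!/bin/sh
# Generates a host firewall for the filter table (iptables-restore format).
# HOST_SSH_PORT is an assumed parameter: the one inbound service this host exposes.
HOST_SSH_PORT="${HOST_SSH_PORT:-22}"

gen_filter_rules() {
    cat <<EOF
*filter
# Default policies: anything no rule below accepts falls through to these.
# INPUT   = packets addressed to this host
# FORWARD = packets routed through this host (not a router, so drop them)
# OUTPUT  = packets this host generates itself
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback traffic never leaves the host and must always be allowed.
-A INPUT -i lo -j ACCEPT
# Replies to connections this host opened (connection-tracking state).
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Packets in an invalid state are dropped before any service rule sees them.
-A INPUT -m conntrack --ctstate INVALID -j DROP
# The single exposed service. First match wins, so this sits after the state rules.
-A INPUT -p tcp --dport ${HOST_SSH_PORT} --syn -m conntrack --ctstate NEW -j ACCEPT
# Log (rate-limited) what is about to hit the DROP policy so drops stay visible.
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-input-drop: "
COMMIT
EOF
}

# Offline sanity check: the ruleset must be wrapped in *filter/COMMIT and every
# built-in chain of the filter table must carry an explicit policy line.
check_rules() {
    out="$(gen_filter_rules)"
    printf '%s\n' "$out" | grep -q '^\*filter$' || return 1
    printf '%s\n' "$out" | grep -q '^COMMIT$' || return 1
    for chain in INPUT FORWARD OUTPUT; do
        printf '%s\n' "$out" | grep -q "^:$chain " || return 1
    done
    return 0
}
```

Write the output to a file and load it with `iptables-restore` (as root) to apply it; the `#` comment lines are ignored by iptables-restore.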