Differences

This shows you the differences between two versions of the page.

--- iptables [2020/11/22 09:30] – created A User Not Logged in
+++ iptables [2023/06/22 05:07] (current) – 2406:da18:864:f101:4d58:28e8:644:2ed5
@@ Line 1: / Line 1: @@
-====== Command Line ======
+====== filter table ======
-<code>
+allow forward for specific in/out interface:
-iptables [-t TABLE] [-COMMAND CHAIN] [RULE]
-</code>
-Tables and chains:
+  iptables -I FORWARD --in-interface <name> --out-interface <name> -j ACCEPT
-  * filter (default table if -t option is not specified)
-    * INPUT
-    * FORWARD
-    * OUTPUT
-  * nat
-    * PREROUTING
-    * OUTPUT
-    * POSTROUTING
-  * mangle
-    * PREROUTING
-    * OUTPUT
-    * INPUT
-    * FORWARD
-    * POSTROUTING
-  * raw
-    * PREROUTING
-    * OUTPUT
-Command:
+====== mangle table ======
-  * -A: append
+mark packet:
-  * -D: delete
-  * -I
-  * -R
-  * -L: list
-  * -F
-  * -Z
-  * -N
-  * -X
-  * -P
-  * -E
-Rule specification(used in -A, -D, -I, -R):
+  iptables -t mangle -I PREROUTING --in-interface <name> -j MARK --set-mark 0x10086
+====== nat table ======
-  * -p, --protocol [!] protocol
+postrouting masquerade:
-  * -s, --source [!] address[/mask]
-  * -d, --destination [!] address[/mask]
-  * -j, --jump target
-  * -g, --goto chain
-  * -i, --in-interface [!] name
-  * -o, --out-interface [!] name
-  * -c, --set-counters PKTS BYTES
-  * -v, --verbose
-  * -n, --numeric
-  * -x, --exact
-  * --line-numbers
-  * --modprobe=command
-Target:
+  iptables -t nat -I POSTROUTING --out-interface <name> -j MASQUERADE --match <value>
+prerouting masquerade:
+  iptables -t nat -I PREROUTING --in-interface <name> -j MASQUERADE --match <value>
-====== IP Forwarding ======