Linux/iptables: Difference between revisions

From Wiki
mNo edit summary
mNo edit summary
Line 2: Line 2:




{|
!
{| class="wikitable"
!Tables
!Chains
|-
|FILTER
|
* INPUT
* OUTPUT
* FORWARD
|-
|NAT
|
* PREROUTING
* OUTPUT
* POSTROUTING
|-
|MANGLE
(modify ip headers)
|
* PREROUTING
* POSTROUTING
* OUTPUT
* INPUT
* FORWARD
|-
|RAW
(connection tracking)
|
* PREROUTING
* OUTPUT
|-
|SECURITY
|
|}
!
!
{| class="wikitable"
!Targets
|-
|REJECT
|-
|DROP
|-
|ACCEPT
|-
|RETURN
|}
|}
{| class="wikitable"
{| class="wikitable"
|+
|+

Revision as of 17:21, 4 December 2023


Tables Chains
FILTER
  • INPUT
  • OUTPUT
  • FORWARD
NAT
  • PREROUTING
  • OUTPUT
  • POSTROUTING
MANGLE

(modify ip headers)

  • PREROUTING
  • POSTROUTING
  • OUTPUT
  • INPUT
  • FORWARD
RAW

(connection tracking)

  • PREROUTING
  • OUTPUT
SECURITY
Targets
REJECT
DROP
ACCEPT
RETURN
Tables Chains
FILTER
  • INPUT
  • OUTPUT
  • FORWARD
NAT
  • PREROUTING
  • OUTPUT
  • POSTROUTING
MANGLE

(modify ip headers)

  • PREROUTING
  • POSTROUTING
  • OUTPUT
  • INPUT
  • FORWARD
RAW

(connection tracking)

  • PREROUTING
  • OUTPUT
SECURITY
Targets
REJECT
DROP
ACCEPT
RETURN


raspi wifi to ethernet

  • rc.local
    • iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
    • iptables --append FORWARD --in-interface eth0 -j ACCEPT