Iptables list

The netfilter hooks in the kernel and where they hook into the packet flow:

[Diagram: PREROUTING -> routing decision -> FORWARD -> POSTROUTING]

  • Incoming packets destined for the local system: PREROUTING -> INPUT.
  • Incoming packets destined to another host: PREROUTING -> FORWARD -> POSTROUTING.
  • Locally generated packets: OUTPUT -> POSTROUTING.

The iptables firewall uses tables to organize its rules. These tables classify rules according to the type of decision they are used to make. Within each iptables table, rules are further organized within separate "chains".

  • raw: used to bypass connection tracking.
  • mangle: used to modify or mark packets. The mark is set on the kernel's sk_buff (skb) and not on the packet itself.

Rules are placed within a specific chain of a specific table. Note: the table determines the order of evaluation.

A target is the action that is triggered when a packet meets the matching criteria of a rule.

  • Terminating targets: perform an action which terminates evaluation within the chain and returns control to the netfilter hook.
  • Non-terminating targets: perform an action and continue evaluation within the chain.
  • A special class of non-terminating target is the jump target. User-defined chains can only be reached by "jumping" to them from a rule via the jump target.

If a packet is ACCEPTed within one of the sub-chains, it is ACCEPTed in the superset (calling) chain as well and will not traverse any of the superset chains any further (in that table!). However, do note that the packet will still traverse all other chains in the other tables in the normal fashion.

Targets:

  • -j RETURN: causes the current packet to stop travelling through the chain (or sub-chain).
  • -j ACCEPT: the packet is accepted and will not continue traversing the current chain or any other ones in the same table. Note however that a packet that was accepted in one chain might still travel through chains within other tables, and could still be dropped there.
  • -j DNAT: only available within the PREROUTING and OUTPUT chains in the nat table, and any of the chains called from those chains.
  • -j SNAT: valid only in the nat table, within the POSTROUTING chain.
  • -j DROP: drops the packet, right there, right then.
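The traversal semantics described above (terminating versus non-terminating targets, jumps into user-defined chains, RETURN, and an ACCEPT in one table not short-circuiting the other tables), as an added toy model in Python. It is not code from the original post and not real netfilter; the ruleset, the packet dicts and the per-table policies are constructed here to illustrate the rules.

```python
from typing import Callable, Dict, List, Optional, Tuple

Packet = Dict[str, object]
Rule = Tuple[Callable[[Packet], bool], str]   # (match predicate, target or user chain)
Table = Dict[str, List[Rule]]
TERMINATING = {"ACCEPT", "DROP"}

def run_chain(table: Table, chain: str, pkt: Packet, trace: List[str]) -> Optional[str]:
    """Evaluate one chain. Returns ACCEPT/DROP, or None when the end of the chain
    (or a RETURN) is reached, so the caller continues with its own next rule/policy."""
    for match, target in table[chain]:
        if not match(pkt):
            continue
        trace.append(f"{chain} -> {target}")
        if target in TERMINATING:
            return target                 # stops evaluation in this whole table
        if target == "RETURN":
            return None                   # hand control back to the calling chain
        if target in table:               # jump into a user-defined chain
            verdict = run_chain(table, target, pkt, trace)
            if verdict is not None:
                return verdict            # ACCEPT/DROP in the sub-chain ends the caller too
            # sub-chain fell off its end or RETURNed: keep going in this chain
        # anything else (e.g. MARK) is non-terminating: evaluation simply continues
    return None

def traverse(tables: List[Tuple[str, Table, str, str]], pkt: Packet) -> Tuple[str, List[str]]:
    """Walk (name, table, entry_chain, policy) in order. A packet accepted in one
    table still traverses the next table; only DROP ends the walk early."""
    trace: List[str] = []
    for name, table, entry, policy in tables:
        verdict = run_chain(table, entry, pkt, trace) or policy
        trace.append(f"{name}/{entry} verdict: {verdict}")
        if verdict == "DROP":
            return "DROP", trace
    return "ACCEPT", trace

# Constructed sample ruleset (hypothetical): mangle marks SSH (non-terminating);
# filter INPUT jumps SSH into a user chain that ACCEPTs LAN sources and RETURNs
# everything else to INPUT, where a final catch-all DROP waits.
is_ssh = lambda p: p["dport"] == 22
from_lan = lambda p: str(p["src"]).startswith("10.0.0.")
everything = lambda p: True
MANGLE: Table = {"PREROUTING": [(is_ssh, "MARK")]}
FILTER: Table = {"INPUT": [(is_ssh, "ssh_guard"), (everything, "DROP")],
                 "ssh_guard": [(from_lan, "ACCEPT"), (everything, "RETURN")]}
RULESET = [("mangle", MANGLE, "PREROUTING", "ACCEPT"), ("filter", FILTER, "INPUT", "DROP")]

if __name__ == "__main__":
    for pkt in ({"src": "10.0.0.5", "dport": 22}, {"src": "192.0.2.9", "dport": 22}):
        print(pkt, *traverse(RULESET, pkt))
```

The trace shows the LAN packet being ACCEPTed inside ssh_guard without ever reaching INPUT's later DROP, while the non-LAN packet RETURNs to INPUT and is dropped there.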