Diewuxi

Belive tomorrow will be better, love science and technology, support communication and understanding, always ready for thought turn.

Blog / engineering_technology / computer / software / network / iptables 笔记

Blog

Article^ Parent

iptables 笔记

Date: 2016-03-26 00:00:00
Description: iptables 使用笔记。
Keywords: iptables, Linux, 转发
Category: engineering_technology/computer/software/network
Tag: iptables, network, linux
Link: https://www.diewuxi.com/blog/article/91.html

Changelog

* 2016-03-26
    * Done

五个hook function(CHAIN)

  1. INPUT

主要与想要进入我们 Linux 本机的数据包有关;

  1. OUTPUT

主要与我们 Linux 本机所要送出的数据包有关;

  1. FORWARD

与 Linux 本机比较没有关系, 他可以传递数据包到后台的计算机中,与下列 nat table 相关性较高。

  1. PREROUTING

在进行路由判断之前所要进行的规则(DNAT/REDIRECT)

  1. POSTROUTING

在进行路由判断之后所要进行的规则(SNAT/MASQUERADE)

四种处理机制(table):

  1. filter:Input,Output,Forward

过滤数据包,该表根据管理员预定义的一组规则过滤符合条件的数据包。filter表是iptables默认的表

  1. nat:prerouting,postrouting,output

地址转换(NAT) 主要用于网络地址转换,该表可实现一对一。一对多,多对多等工作,iptables就是使用该表实现共享上网功能。

  1. mangle:Input ,Output,Forward,prerouting,postrouting

包重构(mangle)对指定的数据包进行修改,例如更改TTL和TOS等,实际中很少使用。

  1. RAW:prerouting,output

RAW 很少使用

Last modified: 2016-03-26

Comments [0]

There is no comments now.

Write comment(* is necessary, and email is not shown to public)

Catalog

Tags

computer(0) life(1) physics(4) programming(4) mcu(4) major(0) literature(2) media(4) android(3) college(0) laboratory(0) shell(2) communication(1) think(1) feelings(2) nokia(1) review(2) end_of_term(3) exam(1) method_of_study(1) mother(1) robot(1) logic(1) serial_port(1) entertainment(1) laptop(1) disassembly(1) repair(1) nanotechnology(1) reading(1) color(1) light(1) thinking(1) language(1) funny(1) build(2) android studio(1) ai(1) chatgpt(1) diary(1) year-end summary(1) sdas8051(2) MCS-51(3) 8051(1) STC(1) makefile(1) graphene(1) tex(4) linux(5) init(1) x(1) terminal_emulator(1) mysql(2) web(1) storage(1) compiler(1) c(1) php(2) java(2) encoding(4) network(2) phone(1) internet(1) security(1) dwxcli(1) test(1) debian(1) package(1) dpkg(1) aptitude(1) pandoc(1) note(4) pdf(2) ghostscript(1) pdftk(1) latex(3) ctex(1) texlive(1) rsync(1) backup(1) crazyracing(1) game(2) graphic(3) mencoder(1) ffmpeg(1) gnuplot(1) imagemagic(1) mplayer(1) iptables(1) clash(1) netowrk(1) proxy(1) mouse(1) usb(1) wine(1) windows(2) bat(1) text-process(1) sed(1) git(1) maven(1) vim(1) gun_screen(1) yii2(1) book-making(1) experiment(1) battery(1) molecule(1) atom(1) electron(1) fraud(1) family(1) cook(1) food(1) new_year(1) blessings(1) spring-festival(1) shampoo(1) washing(1) operating_system(1) software(1)

Diewuxi 2017--2024