It's a dated but still widely used tool:
- Linux firewall
- Container egress (SNAT) and port publishing (DNAT)
- Kubernetes service discovery
- Service Mesh transparent injection
- etc. π½
- tables
- chains
- rules
- targets
- policies
...that might be challenging to grasp. Here is how I approach it.
1. Come up with a logical model of packet processing inside the Linux kernel. Give meaningful names to stages.
Packet from a local process:
OUTPUT -> POSTROUTE
Packet to a local process:
PREROUTE -> INPUT
Packet forwarded between interfaces:
PREROUTE -> FORWARD -> POSTROUTE
Most common tables:
raw -> mangle -> nat -> filter
Chains are called after the predefined stages:
INPUT, OUTPUT, FORWARD, etc.
Rules are about packet criteria and targets - other chains or actions like DROP, ACCEPT, etc.
Writing iptables programs is like programming on jumps.
The packet path is known, the table precedence is known, the rule precedence is defined by your program.
Have fun!
iximiuz.com
More from this author
From VMs to Containers to Pods 𧡠Containers are (just) Linux processes. A helpful approximation to "get it." But at some point it might start limiti...
Grasping Kubernetes Networking (Mega Thread) - What is Kubernetes Service? - When to use ClusterIP, NodePort, or LoadBalancer? - How does multi-clust...
Computer Networking in Layman's Terms (thread) L2 - Ethernet L3 - IP L4 - TCP L7 - HTTP Lots of server-side folks are fluent with L4/L7 concepts. Bu...
Debunking Container Myths 𧡠A (never-ending) series of articles that I started writing a couple of years ago to fix my own misconceptions about conta...
Recent Threads
CBSE has systematically rewritten its rulebook to favor Coempt Eduteck. check out the blog. https://t.co/CmdXMo8pMh
SA DULO, MAGTATAGPO. β a filo #taekookau a taekook au wherein taehyung is a famous vlogger who offered a stranger to do the 24 hours jowa challenge w...
Iβm not allowed in social situations without supervision anymore https://t.co/qRXclKZQAi
yejisu au | fundamentals of me and you. where yeji was forced to face her past after yuna got her hired as a secretary to a CEO. the CEO? the same...
π¨Rollercoaster NIGHTMARE 8 students dangling 100ft on a stuck Galveston TX roller coaster! β¦ Vertical track failure left them hanging for hours. Fi...
Green flags in friendships that are highly underrated:
Popular Threads
ICTβs 2022 Mentorship Summarized: https://t.co/zFJCgIfDAR
DON'T ARGUE WITH DONKEYS (Fable) The donkey said to the tiger: - "The grass is blue". The tiger replied: - "No, the grass is green." The discussion...
The ICT Mentorship Core Content Month 1 Summarized: https://t.co/6tXJxPMDhm
Here's 40 TikTok hooks that could make you go viral. (Not in any particular order) //THREAD//
Top-40 Footballers with Most Goal Contributions (Goals + Assists) in history. [ A MEGA THREAD ] https://t.co/gAb3QcqdYQ
Top 20 Players with the most goals + assists in football history, only players with assists available (following the Opta criteria for assists) Seaso...
