Subj : Re: CVS commit web/html/i
To   : Belly
From : Angus Mcleod
Date : Fri Apr 08 2005 11:08 pm

  Re: Re: CVS commit web/html/i
  By: Belly to Angus Mcleod on Fri Apr 08 2005 00:36:00

 > (are they even called 'chains' anymore? 'Table' just doesn't sound 
 > right.)

No, they are still chains.  iptables recognises three tables called 
'filter', 'nat' and 'mangle'.  These tables contain default *chains*.

The 'filter' table contains 'INPUT', 'FORWARD' and 'OUTPUT' chains.  The 
'nat' table contains 'PREROUTING', 'POSTROUTING', and 'OUTPUT' chains.  I 
can't remember what and all is in the 'mangle' table.

User-defined chains are created in a particular table:

	/usr/sbin/iptables --table filter -N my_user_defined-chain

and then you can --append or --insert rules into the user defined or 
pre-defined chains as usual, and --jump to the user defined chains from 
one of the built-in chains as needed.

Chains have not gone away.  They have just been organized into tables.  



---
 þ Synchronet þ Great programs on the Synchronet Channel at The ANJO BBS

.