From 5a415c30fd392019503ea86a18be62c6d6046d9f Mon Sep 17 00:00:00 2001 From: zeus Date: Mon, 8 Nov 2021 11:21:01 +0200 Subject: [PATCH] edit iptables --- iptables/modules/ROOT/pages/index.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iptables/modules/ROOT/pages/index.adoc b/iptables/modules/ROOT/pages/index.adoc index 2b79f06..4608bb0 100644 --- a/iptables/modules/ROOT/pages/index.adoc +++ b/iptables/modules/ROOT/pages/index.adoc @@ -279,8 +279,8 @@ The 3 most commonly used targets are **ACCEPT**, **DROP**, and **jump** to a use While built-in chains can have default policies, user-defined chains can not. ==== -- If every rule in a chain that you jumped fails to provide a complete match, the packet is dropped back into the calling chain as illustrated -http://docs.swarmlab.io/lab/sec/images/table_subtraverse.jpg[here^]. +- If every rule in a chain that you jumped fails to provide a complete match, the packet is dropped back into the calling chain as illustrated here: +image::ROOT:table_subtraverse.jpg[chain,float=right] - If at any time a complete match is achieved for a rule with a **DROP** target, the packet is dropped and no further processing is done. - If a packet is **ACCEPT**ed within a chain, it will be **ACCEPT**ed in all superset chains also and it will not traverse any of the superset chains any further.