From c4200230d189f0cd880941291c8a24308c3b9b56 Mon Sep 17 00:00:00 2001 From: test2 Date: Tue, 12 Nov 2019 22:31:15 +0200 Subject: [PATCH] iptables --- sec/ex-3_iptables.adoc | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/sec/ex-3_iptables.adoc b/sec/ex-3_iptables.adoc index 28d630a..283466c 100644 --- a/sec/ex-3_iptables.adoc +++ b/sec/ex-3_iptables.adoc 
@@ -114,15 +114,17 @@ iptables is the user utility which allows you to work with these chains/rules. The key to understanding how iptables works is http://docs.swarmlab.io/lab/sec/tables_traverse.jpg[this chart]. The lowercase word on top is the table and the upper case word below is the chain. + - Every IP packet that comes in **on any network interface** passes through this flow chart from top to bottom. -A common source of confusion is that packets entering from, say, an internal interface are handled differently than packets from an Internet-facing interface. -All interfaces are handled the same way; it's up to you to define rules that treat them differently. +**All interfaces are handled the same way; it's up to you to define rules that treat them differently.** -Of course some packets are intended for local processes, hence come in from the top of the chart and stop at , while other packets are generated by local processes; hence start at and proceed downward through the flowchart. +Of course some packets +- are intended for local processes, hence come in from the top of the chart and stop at **Local Proces**, +- while other packets are generated by local processes; hence start at **Local Process** and proceed downward through the flowchart. -A detailed explanation can be found [https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#TRAVERSINGOFTABLES here]. +A detailed explanation [https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#TRAVERSINGOFTABLES here]. ==== In the vast majority of use cases you won't need to use the **raw**, **mangle**, or **security** tables at all.
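Review bot: The first added bullet ends in `**Local Proces**` (missing the final "s") while the second spells it `**Local Process**`; correct the first so both bullets name the same box on the chart. In the last changed line the frozentux.net link keeps the bracketed `[URL here]` form, which AsciiDoc does not turn into a link. The chart link at the top of this hunk already uses the `URL[text]` form (`http://docs.swarmlab.io/lab/sec/tables_traverse.jpg[this chart]`), so write the new line the same way. That line also lost its verb: "A detailed explanation here" is no longer a sentence, so keep "can be found" or similar. Finally, the removed "A common source of confusion is that ..." sentence was what told the reader which misconception the now-bold "All interfaces are handled the same way" statement corrects; consider keeping it next to the bold line.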