4 tables

• filter (filter rules)
• nat (NAT rules)
• mangled (specialized rules)
• raw (independent rules)

Une table contient = built-in chains + user defined chains

Built-in chain = INPUT, OUTPUT, FORWARD (filter table), PREROUTING, POSTROUTING (NAT table)

1 rule applies to a chain within a table

When a packet matches a rule = target (ACCEPT, DROP, LOG, REJECT, RETURN)

iptables -nL

Sources