The next building blocks of the IPTables configuration are the rules. Tables and chains themselves provide only a container, interface and an evaluation mechanism, but it is the rules that describe the core configuration.
During the evaluation of a chain, the rules are evaluated one by one. Every packet goes through this process and is checked against the match part of each rule in the chains.
The rules consist of two main parts:

- match, and
- target.

Each packet, together with its related status information, is tested against the match part of the rule. If a match occurs, the target part is used.
Note |
---|
It is possible that a rule has no target part. In this case nothing happens; only the rule's counter is incremented. If a rule has no match part, all packets match that given rule. |
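
The following Python model is an added illustration, not code from the product or from iptables itself. It walks a chain rule by rule and shows the two special cases from the note: a rule without a target only updates its counters, and a rule without a match catches every packet. The `Rule` class, the packet fields and the sample packets are constructed for this example. Only the terminating targets ACCEPT and DROP are modelled, and the chain policy used as fallback is standard iptables behaviour that this section does not cover.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

TERMINATING = {"ACCEPT", "DROP"}  # built-in targets that end chain traversal

@dataclass
class Rule:
    match: Optional[dict] = None   # None = no match part: every packet matches
    target: Optional[str] = None   # None = no target part: counters only
    packets: int = 0
    nbytes: int = 0

    def matches(self, pkt: dict) -> bool:
        for key, want in (self.match or {}).items():
            if key == "src":       # source address is compared against a CIDR
                if ip_address(pkt["src"]) not in ip_network(want):
                    return False
            elif pkt.get(key) != want:
                return False
        return True

def evaluate(chain: list, pkt: dict, policy: str = "ACCEPT") -> str:
    """Run one packet through the rules in order and return the verdict."""
    for rule in chain:
        if not rule.matches(pkt):
            continue
        rule.packets += 1
        rule.nbytes += pkt["len"]
        if rule.target in TERMINATING:
            return rule.target
        # No target: only the counters changed, evaluation continues.
    return policy                  # assumption: chain policy decides at the end

def demo():
    chain = [
        Rule(match={"proto": "tcp", "dport": 22}),            # accounting only
        Rule(match={"proto": "tcp", "dport": 22, "src": "192.0.2.0/24"},
             target="ACCEPT"),
        Rule(target="DROP"),                                  # no match part
    ]
    packets = [  # constructed sample traffic (documentation address ranges)
        {"proto": "tcp", "dport": 22, "src": "192.0.2.10", "len": 60},
        {"proto": "tcp", "dport": 22, "src": "198.51.100.7", "len": 60},
        {"proto": "udp", "dport": 53, "src": "192.0.2.10", "len": 80},
    ]
    verdicts = [evaluate(chain, p) for p in packets]
    return verdicts, [(r.packets, r.nbytes) for r in chain]
```

The counters returned by `demo()` show that the first rule saw both SSH packets without deciding their fate, while the final rule without a match part dropped everything that no earlier rule accepted.
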
Published on May 30, 2024
© BalaSys IT Ltd.