#iptables

A fairly comprehensive and well-written article on iptables: A Deep Dive into Iptables and Netfilter Architecture | DigitalOcean

It explains that all of the … derive from the 5 hook functions; the … exist to deliberately express different invocation priorities.

It also covers the traversal order:

  • Incoming packets destined for the local system: PREROUTING -> INPUT
  • Incoming packets destined to another host: PREROUTING -> FORWARD -> POSTROUTING
  • Locally generated packets: OUTPUT -> POSTROUTING
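
The chain order above, combined with per-hook priorities, determines exactly which rule set sees a packet first. The following is an added example, not code from the article or from this note; it goes beyond the three chain paths by also ordering the tables inside each chain. The table names and priority numbers are assumptions taken from the kernel's `NF_IP_PRI_*` constants, and the `local`/`remote` labels are constructed for the illustration.

```python
# Added illustration of netfilter hook traversal; not code from the article.
# Assumption: table names and priorities are the kernel's NF_IP_PRI_* values
# (lower number runs first at a hook); they do not appear on this page.
TABLE_HOOKS = {
    "filter":   {"INPUT": 0, "FORWARD": 0, "OUTPUT": 0},
    "security": {"INPUT": 50, "FORWARD": 50, "OUTPUT": 50},
    "nat":      {"PREROUTING": -100, "OUTPUT": -100,   # DNAT side
                 "INPUT": 100, "POSTROUTING": 100},    # SNAT side
    "mangle":   dict.fromkeys(
        ["PREROUTING", "INPUT", "FORWARD", "OUTPUT", "POSTROUTING"], -150),
    "raw":      {"PREROUTING": -300, "OUTPUT": -300},
}

def chains_for(origin, destination):
    """Chain path from the list above; arguments are 'local' or 'remote'."""
    if origin == "local":
        return ["OUTPUT", "POSTROUTING"]
    if destination == "local":
        return ["PREROUTING", "INPUT"]
    return ["PREROUTING", "FORWARD", "POSTROUTING"]

def traversal(origin, destination):
    """Ordered (table, chain) pairs a packet visits if nothing drops it."""
    path = []
    for chain in chains_for(origin, destination):
        # Every table registered at this hook, lowest priority number first.
        registered = [(hooks[chain], table)
                      for table, hooks in TABLE_HOOKS.items() if chain in hooks]
        path.extend((table, chain) for _, table in sorted(registered))
    return path

def runs_before(first, second, origin, destination):
    """True if the (table, chain) pair `first` is evaluated before `second`."""
    path = traversal(origin, destination)
    return path.index(first) < path.index(second)

if __name__ == "__main__":
    cases = [("remote", "local"), ("remote", "remote"), ("local", "remote")]
    for origin, destination in cases:
        steps = " -> ".join(f"{t}/{c}" for t, c in traversal(origin, destination))
        print(f"{origin:6} to {destination:6}: {steps}")
```

Because nat/PREROUTING runs before filter/INPUT and filter/FORWARD, filter rules match on the destination address after DNAT has been applied, which matters when writing allow or deny rules for NATed services.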
桃子的碎碎念 桃子