Manpage of IPTABLES
The other main difference is that -i refers to the input interface; -o refers to the output interface, and both
are available for packets entering the FORWARD chain.
iptables is a pure packet filter when using the default `filter' table, with optional extension modules. This
should simplify much of the previous confusion over the combination of IP masquerading and packet
filtering seen previously. So the following options are handled differently:
-j MASQ
-M -S
-M -L
There are several other changes in iptables.
SEE ALSO
iptables-save
(8),
iptables-restore
(8),
ip6tables
(8),
ip6tables-save
(8),
ip6tables-restore
(8). The packet-
filtering-HOWTO details iptables usage for packet filtering, the NAT-HOWTO details NAT, the netfilter-
extensions-HOWTO details the extensions that are not in the standard distribution, and the netfilter-
hacking-HOWTO details the netfilter internals.
See
http://www.netfilter.org/
.
AUTHORS
Rusty Russell wrote iptables, in early consultation with Michael Neuling.
Marc Boucher made Rusty abandon ipnatctl by lobbying for a generic packet selection framework in
iptables, then wrote the mangle table, the owner match, the mark stuff, and ran around doing cool stuff
everywhere.
James Morris wrote the TOS target, and tos match.
Jozsef Kadlecsik wrote the REJECT target.
Harald Welte wrote the ULOG target, TTL, DSCP, ECN matches and targets.
The Netfilter Core Team is: Marc Boucher, Jozsef Kadlecsik, James Morris, Harald Welte and Rusty
Russell.
Man page written by Herve Eychenne <
>.
http://www.iptablesrocks.org/syntax/man_iptables.htm (18 of 20) [2/13/2004 8:04:51 PM]