The packet flow through netfilter has been a little hazy for me. Today I received enlightenment. Pablo Neira Ayuso has a paper called Towards 4th Generation Linux Firewalling Tools. On page 10 of that presentation is an excellent drawing of the iptables paths and what is performed in each path. It clearly shows PREROUTING, FORWARD, INPUT, OUTPUT, and POSTROUTING. Continue reading "NetFilter Documentation, Tutorial and Pictures" »