An Introduction to IPtables for Beginners

Table of Contents

An Introduction to IPtables for Beginners

A firewall is an essential component of modern operating systems, it regulates the network traffic going to a computer. An office network or the Internet is protected by a firewall by creating a barrier between them. The goal of firewalls is to define rules that control what traffic is allowed on the network, and what traffic is blocked. For Linux systems, iptables is a popular utility firewall. Although Nftables replaced IPtables as a defense resource, many system administrators still consider IPtables one of the most important ones. Using this utility, firewall rules can be configured very easily and for enhanced security.

This tutorial will help you understand this application’s foundation in a basic way for beginners,


So let’s get started,

The iptables firewall uses the table concept to organize firewall rules. Let’s take a look at the different types of tables


There are five types of tables,


  • Filter table
  • NAT table
  • Mangle table
  • Raw table
  • Security table

1. Filter table

Using this table, packets are determined whether they can reach their destination or not. In order to reach the filter table, a typical packet must pass through one of the following chains.

A filter table for IPtables comprises three chains (sets of rules).

  • Input chain: Whenever a packet enters the system, it goes through the INPUT chain.
  • Output chain: In the case of packets coming from your server, they go through the Output chain.
  • Forward: No matter where the packets come from or where they go, if neither is your server, the packet goes to the forward chain.

The following command can be used to see your filter table.


sudo iptables -t filter --list

2. NAT table


The NAT table of iptables includes two new chains.


  • PREROUTING chain : PROROUTING enables packets to be altered before they reach the INPUT chain.
  • POSTROUTING chain : POSTOUTPUT allows packets to be altered after they leave the OUTPUT chain.
  • OUTPUT chain : In the case of local packet delivery, this chain is applied.


Following is a command that displays the NAT table.


sudo iptables -t filter --list

3. Mangle table


The IP headers are mainly modified in this table. There are five chains in it.





The following command displays the list of mangle tables.


sudo iptables -t mangle --list


4. Raw table

With this table, packets can be marked in a way that prevents tracking of connections.

Following are the chains of the mangle table,

  • OUTPUT chain



The following command displays the raw table list.


sudo iptables -t raw --list

5. Security table


SELINUX is referenced by this table. The SELINUX context is set for packets in this table.

Use the following command to view the list of security tables.

sudo iptables -t security --list

So we hope you gained a better understanding of IPTables’ basic concepts through this tutorial.


Get the most out of learning with

Make a Comment
Share on
VPSie Cloud service

Unlock Your

20% Discount

The First 3 orders get 20% discount! Try Sign up on VPSie to get a chance to get the discount.