iptables basic

List # list filter table sudo iptables -L # list nat table sudo iptables -L -t nat Redirect # Redirect locally sudo iptables -A OUTPUT -t nat -p tcp --src 127.0.0.1 --dport 80 -j REDIRECT --to-port 8080 # Redirect in LAN sudo iptables -A PREROUTING -t nat -p tcp --src 10.42.0.0/24 --dst 10.42.0.1 --dport 80 -j REDIRECT --to-port 8080 Filter # Reject with ICMP-port-unreachable. sudo iptables -A OUTPUT --dst www.bing.com -j REJECT # Drop and hang up the connection. sudo iptables -A OUTPUT --dst www.bing.com -j DROP Package flow paths Package flow paths (from iptables - Wikipedia):