Content #
iptables uses the concept of seperate rule tables for different kinds of packet-processing functionality. These rule tables are implemented as functionally separate table modules.
filter table #
- target extensions
REJECT, BALANCE, MIRROR, TEE, IDLETIMER, AUDIT, CLASSIFY, CLUSTERIP CONNMARK, TRACE, LOG, ULOG
- many match extensions
mangle table #
target extentions: MARK, TOS
From #
Linux Security: Enhancing Security with nftables and Beyond