iptables整休模块链表结构图

中国IT动力,最新最全的IT技术教程

最新100篇 | 推荐100篇 | 专题100篇 | 排行榜 | 搜索 | 在线API文档

当前位置：> 操作系统 > Linux > Linux综合

iptables整休模块链表结构图

作者:未知时间:2005-09-13 22:45 出处:Blog.ChinaUnix.net 责编:chinaitpower

摘要：iptables整休模块链表结构图

Network
                    -----------+-----------
                               |
                     +---------+---------+
                     |     PREROUTING    |
                     | +-------+-------+ |
                     | |   conntrack   | |
                     | +-------+-------+ |
                     | |    mangle     | | <- MARK WRITE
                     | +-------+-------+ |
                     | |      IMQ      | |
                     | +-------+-------+ |
                     | |      nat      | | <- DEST REWRITE
                     | +-------+-------+ |     DNAT or REDIRECT
                     +---------+---------+
                               |
                       +-------+-------+
                       |    ipchains   |
                       |     input     |
                       +-------+-------+
                               |
                       +-------+-------+
                       |      QOS      |
                       |    INGRESS    |
                       +-------+-------+
                               |
         packet is for +-------+-------+ packet is for
          this machine |     INPUT     | another address
        +--------------+    ROUTING    +--------------+
        |              |    + PDBB     |              |
        |              +---------------+              |
+-------+-------+                                     |
|     INPUT     |                                     |
| +-----+-----+ |                                     |
| |   filter | |                                     |
| +-----+-----+ |                                     |
+-------+-------+                                     |
        |                                             |
+-------+-------+                                     |
|     Local     |                             +-------+-------+
|    Process    |                             |    FORWARD    |
+-------+-------+                             | +-----+-----+ |
        |                                     | | mangle   | | <- MARK WRITE
+-------+-------+                             | +-----+-----+ |
|    OUTPUT     |                             | | filter   | |
|    ROUTING    |                             | +-----+-----+ |
+-------+-------+                             +-------+-------+
        |                                             |
+-------+-------+                                     |
|     OUTPUT    |                             +-------+-------+
| +-----------+ |                             |    ipchains   |
| | conntrack | |                             |    forward    |
| +-----+-----+ |                             +-------+-------+
| |   mangle | | <- MARK WRITE                       |
| +-----+-----+ |                                     |
| |    nat    | | <-DEST REWRITE                      |
| +-----+-----+ |     DNAT or REDIRECT                |
| |   filter | |                                     |
| +-----+-----+ |                                     |
+-------+-------+                                     |
        |                                             |
        +------------------+       +------------------+
                           |       |
                        +--+-------+--+
                        |   ipchains |
                        |    output   |
                        +------+------+
                               |
                     +---------+---------+
                     |    POSTROUTING    |
                     | +-------+-------+ |
                     | |    mangle     | | <- MARK WRITE
                     | +-------+-------+ |
                     | |      nat      | | <-SOURCE REWRITE
                     | +-------+-------+ |     SNAT or MASQUERADE
                     | |   conntrack   | |
                     | +-------+-------+ |
                     | |      IMQ      | |
                     | +-------+-------+ |
                     +---------+---------+
                               |
                        +------+------+
                        |     QOS     |
                        |    EGRESS   |
                        +------+------+
                               |
                    -----------+-----------
                            Network

关闭本页