42.9.3. Command Options for IPTables

Rules for filtering packets are created using the iptables command. The following aspects of the packet are most often used as criteria:

Packet Type — Specifies the type of packets the command filters.
Packet Source/Destination — Specifies which packets the command filters based on the source or destination of the packet.
Target — Specifies what action is taken on packets matching the above criteria.

Refer to Section 42.9.3.4, “IPTables Match Options” and Section 42.9.3.5, “Target Options” for more information about specific options that address these aspects of a packet.

The options used with specific iptables rules must be grouped logically, based on the purpose and conditions of the overall rule, for the rule to be valid. The remainder of this section explains commonly-used options for the iptables command.