[Firehol-support] How different interfaces are from routers

Phil Whineray phil at firehol.org
Tue Jul 31 18:49:28 BST 2018


> This is because netfilter, which is what implements the actual firewall
> rules in Linux, will only check rules in one of the INPUT, OUTPUT and
> FORWARD chains. See this diagram [1].

Sorry for the noise, everyone, the missing link [1] is:

1: https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg


More information about the Firehol-support mailing list