[Firehol-support] How different interfaces are from routers

[Phil Whineray]

> This is because netfilter, which is what implements the actual firewall
> rules in Linux, will only check rules in one of the INPUT, OUTPUT and
> FORWARD chains. See this diagram [1].

Sorry for the noise, everyone, the missing link [1] is:

1: https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg