WEBVTT

00:01.780 --> 00:08.520
To write efficient firewall rules, you must deeply understand how a packet traverses the Netfilter tables

00:08.560 --> 00:09.400
and chains.

00:10.330 --> 00:17.290
Enter the Godfrey lectures, where I explain in depth these concepts until that point in the course

00:17.290 --> 00:21.450
to ensure a smooth start in understanding iptables.

00:21.730 --> 00:26.200
Let's recap in a nutshell the most used scenarios.

00:26.840 --> 00:31.960
Incoming traffic is filtered on the INPUT chain of the filter table.

00:32.650 --> 00:40.450
Outgoing traffic is filtered on the OUTPUT chain of the filter table, and routed traffic is

00:40.450 --> 00:45.670
filtered on the FORWARD chain of the filter table in both directions.

00:46.180 --> 00:54.070
Then source network address translation, SNAT or MASQUERADE, is performed on the nat table of

00:54.070 --> 00:59.680
the POSTROUTING chain, and port forwarding, or destination network address

00:59.680 --> 01:04.970
translation, is performed on the nat table of the PREROUTING chain.

01:05.830 --> 01:13.410
Now, if we want to modify values from the packet's headers, like Time To Live or Type of Service, we add

01:13.410 --> 01:19.720
the rules to the mangle table of the OUTPUT, PREROUTING or POSTROUTING chains.

01:20.170 --> 01:26.890
And if we want the packet to skip the connection tracking system, we add the rules that

01:26.890 --> 01:28.600
make it to the raw table.

01:29.440 --> 01:35.900
OK, this is how a packet traverses the Netfilter tables and chains in a nutshell.

01:36.310 --> 01:36.880
Thank you.
