iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects such as packet mangling.
| Tags | Internet Security Networking Firewalls |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX Linux |
| Implementation | C |
Recent releases


Changes: This release includes updates for new extensions in kernel 2.6.30, bugfixes, and documentation updates.


Changes: This release includes features available in 2.6.29. The main changes are numerous documentation updates, a set of changes to move some of the iptables functionality to a shared library, IPv6 support for the recent match, TPROXY support, and SCTP/DCCP NAT support.


Changes: Big scalability improvements were made. New features present in the 2.6.27 kernel are supported.


Changes: This release is a pure bugfix release for regressions reported against 1.4.1, fixing some mainly cosmetic problems in the ruleset listing, installation problems with --disable-shared, and non-working --src-range/--dst-range parameters in the iprange match.


Changes: A new build system with better configurability. Scalability improvements for large number of chains. Support for multiple new matches, targets, and revisions (supports all features available in the current kernel tree). IPv6 support for more matches and targets. Man page improvements. Many minor improvements and fixes all over the place.
Recent comments

High performance, featureful, firewall
IPtables/Netfilter supports all sorts of advanced features, such as NAT, masquerading, packet redirect, and many others. It also has all sorts of useful matches, such as the STRING match and the ipset module. It is one of the very best stateful firewall systems available.