
  • Hey, guys, what's up?

  • Welcome to Experience Tech.

  • I am Vineet, and in today's video, we'll learn about a powerful Linux tool called iptables, which is used to create a quick and powerful firewall for your system.

  • iptables provides an interface to work with the packet filtering framework of the Linux kernel called Netfilter.

  • In very simple terms, it is a powerful tool to manage network packets coming to and going out of your system, so with iptables you can block or accept or take other actions on network traffic based on different user-defined conditions.

  • We will discuss what these conditions are and the possible actions that iptables supports in detail in this video.

  • It's been quite a while since I created one of these advanced Linux tutorials.

  • So if you like today's video and want more such videos, kindly write that in the comment box.

  • All right, so let's start today's video.

  • All right, now, for the sake of keeping things simple and understandable,

  • I'm going to make two videos on this topic.

  • In the first video, I'm going to cover the basic concepts of iptables, and then in the second video we'll look at the exact usage, command syntax and some live demos on iptables.

  • So make sure you subscribe to the Experience Tech channel to get the second part of this video.

  • All right, now, when we talk about iptables, it is very important that we understand three terms. These three terms are tables, chains and rules.

  • Now, if you understand these three terms well, it will be very easy to use this tool.

  • So let's look at each of these terms one by one.

  • First is tables.

  • iptables consists of five tables, out of which three are main tables, and each table has different rules.

  • Now the first is the filter table.

  • This is the default and the main table used in iptables.

  • That means whenever you don't mention any specific table, the rule will apply to the filter table.

  • Now, as the name suggests, the role of this table is filtering packets.

  • That is to make decisions about whether to let a packet continue to its intended destination or to deny its request.

  • This is the table that provides the majority of the functions of iptables,

  • and for most occasions this is the table that you would be dealing with.

  • Second is the NAT table.

  • Now, as the name suggests, this table is used to provide network address translation rules.

  • Now, the rules in this table will determine whether to modify and how to modify the packet's source or destination addresses in order to route the packet in a NAT setup where direct access is not possible.

  • Now, third is the mangle table.

  • Now, this table is used to alter the IP headers of the packet. For instance, you can adjust the time to live (TTL) value of the packet,

  • either lengthening or shortening the number of valid network hops that the packet can sustain.

  • Other IP headers can be altered in similar ways.

  • So these were the three main tables.

  • The other two are the raw and security tables.

  • Both these tables have just one function each.

  • The raw table is basically used for connection tracking.

  • It provides a mechanism for marking packets to view packets as part of an ongoing connection or session.

  • The security table is used to set internal SELinux security context marks on packets, which will affect how SELinux or other systems that can interpret SELinux security contexts handle these packets.

  • But as I said, these are not the main tables, and you do not have to worry much about these two tables.

  • All right, so that was all about the tables.

  • Next is chains. Now, chains are like points in the route of a packet where you can apply rules.

  • There are five chains in iptables.

  • They are PREROUTING, INPUT, FORWARD, OUTPUT and POSTROUTING.

  • Now all chains are not available for all tables.

  • Each chain gives you the option to take action on the packet at that particular point in the packet route. Let's get a clearer picture of all the chains.

  • Now, the PREROUTING chain is applied to any incoming packet very soon after entering the network stack.

  • This chain is processed before any routing decisions have been made regarding where to send the packet.

  • Next, the INPUT chain is a point post prerouting, when the packet enters the system.

  • The FORWARD chain is applied to a packet that is forwarded to your system, and the OUTPUT chain is applied to packets originating from your system and going out. Finally, POSTROUTING is the opposite of PREROUTING.

  • This is applied to outgoing or forwarded traffic after the routing decision has taken place

  • and just before the packet is put on the wire. All right, so these were the five chains.

  • Now, as I mentioned earlier, not all chains are available for all tables.

  • So first we should know which chain is available for which table.

  • Apart from that, we should also know the order in which chains are called for each table and also the chain traversal order. This figure shows you the order in which chains are called for different tables and also the availability of chains for each table.

  • So for the filter table, you have three chains: INPUT, FORWARD and OUTPUT.

  • All right, next is the chain traversal order, which is actually the path the packet traverses. So for incoming packets through the local system, the traversal order is PREROUTING and then INPUT; for incoming packets that are forwarded to another host, the traversal order is PREROUTING, FORWARD and POSTROUTING; and finally, for locally generated packets,

  • the traversal order is OUTPUT and POSTROUTING. All right, so now we have covered tables and chains.

  • The last thing left is iptables rules.

  • Now, rules are nothing but user-defined commands to manipulate the network traffic.

  • Now, as each chain is called, the packet will be checked against each rule within the chain in order.

  • If the packet does not match, the next rule in the chain is examined.

  • If it does match, then the next rule is specified by the value of the target.

  • Now each rule has basically two components: a matching component and a target component. The matching component is the different conditions available to define rules, so you can match by protocol type, destination or source address, destination or source port, input or output interface, headers, et cetera. These can be combined to create really complex rules.

  • Next is the target component. The target component is the action that is triggered when a packet meets the matching criteria of a rule.

  • Now there are two types of targets: terminating targets and non-terminating targets.

  • Now, terminating targets are basically actions that end further traversal in that particular chain.

  • Some examples of terminating targets are ACCEPT, DROP, QUEUE, RETURN or move to any user-defined chain, and in non-terminating targets you perform an action and then continue evaluation within the chain.

  • One thing to note here is that not all actions are available for every chain and table.

  • Hence the table and chain type dictates the actions available.

  • All right, so that was all about the theory of iptables.

  • I hope this has made some sense.

  • And you're now clear with the basic concepts of iptables.

  • And if not, don't worry.

  • I'm sure things will become a lot easier in the next video when we'll see the actual usage on a live system.

  • So stay tuned.

  • And thank you for watching this video.

  • A huge shout-out to all the subscribers of the Experience Tech channel.

  • Thank you for supporting me and thank you again for watching.

  • And I'll see you next time.
