Table:
Filter (accept the packet or not)
NAT (change IP & port)
Mangle (other)
Chain:
Prerouting
Input (to an IP of the router)
Forward
Output (from the router itself)
Postrouting
Insert mode:
Insert (at the top)
Append (at the end)
Delete
This wizard lets you generate the command line of iptables rules without having to remember the specific syntax of each parameter.
It lets you generate one rule at a time.
It is aimed at admins with some knowledge of iptables.
About search algorithms, KMP works better for me. I've found that BM sometimes misses a packet.
https://serverfault.com/questions/1141991/what-is-the-difference-bm-and-kmp-algorithms-in-iptables-string-search
CONDITION
⊞ Interfaces
In interface:
Out interface:
⊞ Protocol
Protocol:
All
TCP
UDP
ICMP
⊞ IP addresses & Ports
IP & Port:
Leave any field blank for "any"
Source
Destination
IP:
any
is
is not
→
any
is
is not
Port(s):
any
is
is not
any
is
is not
⊞ Search string
String:
Hex mode
Algorithm:
Boyer-Moore
Knuth-Morris-Pratt
⊞ Connection State
Connection state:
is any of
is NOT any of
New
Established
Related
Invalid
SNAT
DNAT
ACTION
Action:
Accept
Drop (silently)
Reject
Passthrough (do nothing and process next rule)
Action:
Masquerade (src-nat with automatic IP)
SNAT.
IP:
:
DNAT.
IP:
:
Redirect (dst-nat to self)
Passthrough (do nothing and process next rule)
Coming soon...
⊞ Comment
Comment:
Command line