Hi all,

When we create a custom chain in iptables, should we specifically create a rule to 'jump back' to the previous chain?

For example:

    iptables -A INPUT -j CUSTOMCHAIN
    iptables -A CUSTOMCHAIN rule1
    iptables -A CUSTOMCHAIN rule2

Should we add the following?

    iptables -A CUSTOMCHAIN -j INPUT

Or will it automatically go back to CHAIN when there are no more rules?

Thank you very much,
On Wednesday 14 May 2008 08:22:42 Fajar Priyanto wrote:
Hi all,

When we create a custom chain in iptables, should we specifically create a rule to 'jump back' to the previous chain?

For example:

    iptables -A INPUT -j CUSTOMCHAIN
    iptables -A CUSTOMCHAIN rule1
    iptables -A CUSTOMCHAIN rule2

Should we add the following?

    iptables -A CUSTOMCHAIN -j INPUT

Or will it automatically go back to CHAIN when there are no more rules?

Ugh, I guess I'm answering myself. After reading the iptables doc more thoroughly (sorry), I found this:
We could then add a jump target to it like this:

    iptables -A INPUT -p tcp -j tcp_packets

We would then jump from the INPUT chain to the tcp_packets chain and start traversing that chain. When/If we reach the end of that chain, we get dropped back to the INPUT chain and the packet starts traversing from the rule one step below where it jumped to the other chain (tcp_packets in this case).
Hope it's good for the archive.
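
A small model of the traversal quoted above, added here as an example and not taken from the iptables documentation or from either message. It treats the end of a user chain as an implicit return to the rule below the jump; the port matches, the DROP policy and the packet fields are constructed assumptions.

```python
# Simplified model of iptables chain traversal (added example, constructed data).
BUILTIN_POLICY = {"INPUT": "DROP"}  # assumed default policy for this demo

# Each rule is (match predicate, target).
# Targets: ACCEPT, DROP, RETURN, or the name of a user-defined chain.
RULES = {
    "INPUT": [
        # iptables -A INPUT -p tcp -j tcp_packets
        (lambda p: p["proto"] == "tcp", "tcp_packets"),
        # the rule "one step below" the jump (constructed)
        (lambda p: p["dport"] == 8080, "ACCEPT"),
    ],
    "tcp_packets": [
        (lambda p: p["dport"] == 22, "ACCEPT"),  # constructed rule
        (lambda p: p["dport"] == 23, "DROP"),    # constructed rule
        # No explicit jump back: reaching the end is an implicit return.
    ],
}


def traverse(chain, pkt, trace):
    """Return a final verdict, or None when the chain returns to its caller."""
    for idx, (match, target) in enumerate(RULES[chain], start=1):
        if not match(pkt):
            continue
        trace.append(f"{chain}:{idx}->{target}")
        if target in ("ACCEPT", "DROP"):
            return target                # terminating verdict ends traversal
        if target == "RETURN":
            return None                  # explicit return to the calling chain
        verdict = traverse(target, pkt, trace)  # jump into the user chain
        if verdict is not None:
            return verdict
        # User chain ran out of rules: resume with the next rule here.
    return None


def filter_packet(pkt, hook="INPUT"):
    """Run a packet through a built-in chain; its policy decides if no rule does."""
    trace = []
    verdict = traverse(hook, pkt, trace)
    if verdict is None:
        verdict = BUILTIN_POLICY[hook]
        trace.append(f"{hook}:policy->{verdict}")
    return verdict, trace
```

The trace for a TCP packet to port 8080 shows the jump into tcp_packets followed by a match on the second INPUT rule, which is the "dropped back" behaviour the quoted documentation describes.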