Projects / iptables


iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.

Operating Systems

Recent releases

  •  24 Jan 2013 22:29

    Release Notes: This release adds support for the Day Transition Ignore option in xt_time.

    •  08 Oct 2012 12:43

      Release Notes: This release includes aliasing support, which translates command lines using obsolete extensions into new ones. The option parser now flags illegal negative numbers in some more extensions. A division by zero was resolved in libxt_limit as well.

      •  31 Jul 2012 12:27

        Release Notes: This release adds support for changes found in Linux 3.5: the "hashlimit" match has gained support for byte-based operation, and the "recent" match has gained the "--mask" option to group hosts.

        •  26 May 2012 19:38

          Release Notes: This release supports the new cttimeout infrastructure. This allows you to attach specific timeout policies to flow via iptables CT targets.

          •  21 Apr 2012 02:01

            Release Notes: This release added support for xt_addrtype rev 1, xt_nfacct, xt_rpfilter, IPv6-capable xt_ecn, and xt_recent's reap feature.

            Recent comments

            02 Jun 2006 08:29 atomopawn

            High performance, featureful, firewall
            IPtables/Netfilter supports all sorts of advanced features, such as NAT, masquerading, packet redirect, and many others. It also has all sorts of useful matches, such as the STRING match and the ipset module. It is one of the very best stateful firewall systems available.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.