Modern Linux uses iptables to handle the firewall, and vMA uses it as well.
iptables evolved from ipchains, so it still has 3 chains: INPUT, OUTPUT, FORWARD
Targets: ACCEPT, DROP, QUEUE, RETURN
Options: protocol, source, destination, interface, jump target, goto chain, match, numeric, table, line-numbers
Commands: list, flush, zero, append, delete, insert, replace, delete-chain, new, rename, policy
An iptables command works on a rule or a chain
--sport source port number
--dport destination port number
port range: port_number1:port_number2
-p <port_name> without port number
Customized chains can also be loaded
* Only the Filter table is covered here for firewall purposes; the other two tables (NAT and Mangle) are ignored.
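
The pieces listed above (built-in chains with a policy, a customized chain, `--dport`, a port range, `-p` without a port number, the RETURN target) combined into one Filter-table ruleset in `iptables-restore` format. This is an added example, not part of the original notes; the network 192.0.2.0/24, the ports, the chain name SVC_IN and the helper `check_ruleset` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build a default-drop Filter-table ruleset and lint it.
# MGMT_NET, the ports and the chain name SVC_IN are assumed values.

MGMT_NET="${MGMT_NET:-192.0.2.0/24}"   # constructed documentation range

# Policy DROP on INPUT/FORWARD; loopback, reply traffic and ICMP allowed;
# TCP from MGMT_NET is handed to the customized chain SVC_IN, which accepts
# one port and one port range and RETURNs everything else to INPUT.
build_ruleset() {
cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:SVC_IN - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -s ${MGMT_NET} -j SVC_IN
-A SVC_IN -p tcp --dport 22 -j ACCEPT
-A SVC_IN -p tcp --dport 8000:8010 -j ACCEPT
-A SVC_IN -j RETURN
COMMIT
EOF
}

# Reads a ruleset on stdin and fails if a rule is appended to a chain that
# was never declared, or jumps to something that is neither one of the
# targets ACCEPT/DROP/QUEUE/RETURN nor a declared chain.
check_ruleset() {
    awk '
        BEGIN { n = split("ACCEPT DROP QUEUE RETURN", t, " ")
                for (i = 1; i <= n; i++) ok[t[i]] = 1 }
        /^:/  { name = substr($1, 2); chain[name] = 1; ok[name] = 1; next }
        /^-A/ {
            if (!($2 in chain)) { print "undeclared chain: " $2; bad = 1 }
            for (i = 3; i < NF; i++)
                if (($i == "-j" || $i == "-g") && !($(i + 1) in ok)) {
                    print "unknown target: " $(i + 1); bad = 1
                }
        }
        END { exit bad + 0 }
    '
}
```

As root, `build_ruleset | iptables-restore --test` has iptables parse the ruleset without committing it.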