When an administrative user selects the Network-Firewall menu option, the following screen appears. The administrative user can use this screen to configure packet filtering.
The Network-Firewall screen provides an interface to iptables. Using this screen, an administrative user can define rules for the built-in chains. Once rules have been administratively defined, they can be edited or deleted.
Figure 6.68 shows the six built-in chains. The rules for the built-in chains are hidden. The top three chains are defined in the iptables filter table and the bottom three chains are defined in the iptables nat table. Also as shown, an Add new table_name chain_name rule button appears under the entry for each chain, for example, Add new NAT prerouting rule.
Administrative users may want to add rules to the default chains to suit their environment and their needs. Figure 6.68 shows an example of an administratively defined rule for the filter table INPUT chain. The number 0 is assigned automatically. As shown, an Edit and a Delete button appear next to the entry for each administrator-defined rule.
Clicking an Add new table_name chain_name rule button brings up a dialog like the one shown in Figure 6.69, which shows the dialog that appears when the administrative user clicks the Add new NAT prerouting rule button.