About
Coreteam
Contributors
History
License
Thanks
PGP key
Projects
iptables
Downloads
nftables
libnftnl
libnfnetlink
libnetfilter_acct
libnetfilter_log
libnetfilter_queue
libnetfilter_conntrack
libnetfilter_cttimeout
libnetfilter_cthelper
conntrack-tools
libmnl
nfacct
ipset
nf-hipac
patch-o-matic-ng
ulogd
xtables-addons
Downloads
git Repository
ftp Server
rsync Server
News
libmnl 1.0.4 released
public statement on GPL compliance
nftables 0.6 released
libnftnl 1.0.6 released
iptables 1.6.0 released
new PGP keys
nftables 0.5 released
libnftnl 1.0.5 released
libnftnl 1.0.4 released
conntrack-tools 1.4.3 released
libnetfilter_conntrack 1.0.5 released
ulogd 2.0.5 released
nftables 0.4 released
libnftnl 1.0.3 released
nftables 0.3 released
libnftnl 1.0.2 released
libnftnl 1.0.1 released
nftables 0.2 released
ulogd 2.0.4 released
nftables 0.099 released
libnftnl 1.0.0 released
iptables 1.4.21 released
ulogd 2.0.3 released
conntrack-tools 1.4.2 released
iptables 1.4.20 released
libnetfilter_conntrack 1.0.4 released
iptables 1.4.19.1 released
iptables 1.4.19 released
libnetfilter_conntrack 1.0.3 released
iptables 1.4.18 released
ulogd 2.0.2 released
nfacct 1.0.1 released
conntrack-tools 1.4.1 released
libnetfilter_acct 1.0.2 released
iptables 1.4.17 released
New ulogd2 maintainer
Netfilter core team updates
iptables 1.4.16.3 released
libnetfilter_acct 1.0.1 released
libnetfilter_cthelper 1.0.0 released
ulogd 2.0.1 released
conntrack-tools 1.4.0 released
libnetfilter_queue 1.0.2 released
libnetfilter_conntrack 1.0.2 released
libnfnetlink 1.0.1 released
iptables 1.4.16.2 released
iptables 1.4.16.1 released
iptables 1.4.16 released
conntrack-tools 1.2.2 released
iptables 1.4.15 released
ulogd 2.0.0 released
conntrack-tools 1.2.1 released
libmnl 1.0.3 released
iptables 1.4.14 released
conntrack-tools 1.2.0 released
libnetfilter_cttimeout 1.0.0 released
libnetfilter_conntrack 1.0.1 released
security notice on conntrack helpers
iptables 1.4.13 released
nfacct 1.0.0 released
libnetfilter_acct 1.0.0 released
conntrack-tools 1.0.1 released
libnetfilter_conntrack 1.0.0 released
libnetfilter_log 1.0.1 released
libnetfilter_queue 1.0.1 released
libmnl 1.0.2 released
iptables 1.4.12.2 released
iptables 1.4.12.1 released
new PGP keys
iptables 1.4.12 released
iptables 1.4.11.1 released
iptables 1.4.11 released
conntrack-tools 1.0.0 released
libnetfilter_conntrack 0.9.1 released
Documentation
FAQ
HOWTOs
Events
Tutorials
Various other docs
Security Information
Mailing Lists
List Rules
netfilter-announce list
netfilter list
netfilter-devel list
netfilter-failover list
Contact
bugzilla
coreteam
webmaster
imprint / postal address
Supporting netfilter
Licensing
Events
Links
Mirrors
About website

The netfilter.org "iptables" project

What is iptables?

iptables is the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. It is targeted towards system administrators.

Since Network Address Translation is also configured from the packet filter ruleset, iptables is used for this, too.

The iptables package also includes ip6tables. ip6tables is used for configuring the IPv6 packet filter.

Dependencies

iptables requires a kernel that features the ip_tables packet filter. This includes all 2.4.x and later kernel releases.

Main Features

listing the contents of the packet filter ruleset
adding/removing/modifying rules in the packet filter ruleset
listing/zeroing per-rule counters of the packet filter ruleset

Git Tree

The current development version of iptables can be accessed at https://git.netfilter.org/iptables/.

Development Snapshots

We now also provide daily Development snapshots. They are available from the following location: ftp://ftp.netfilter.org/pub/iptables/snapshot (or one of our mirrors).

Authors

iptables was mostly written by the netfilter core team, but has received numerous contributions from lots of individuals over the last five years. We do not provide an exhaustive list here. All contributors are named in the git commit messages, though.