Figure 1: netfilter hook points

Hook points and when they are called:

NF_IP_PRE_ROUTING
After sanity checks, before routing decisions.
NF_IP_LOCAL_IN
After routing decisions if packet is for this host.
NF_IP_FORWARD
If the packet is destined for another interface.
NF_IP_LOCAL_OUT
For packets coming from local processes on their way out.
NF_IP_POST_ROUTING
Just before outbound packets "hit the wire".
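
A userspace model of the traversal order listed above, added here as an example (not code from the original page or from the kernel): it shows that a filter attached only at NF_IP_LOCAL_IN never sees forwarded packets. The hook and verdict values match the Linux netfilter headers; `struct pkt`, `traverse`, `set_hook` and `drop_all` are hypothetical names, and loopback delivery of locally generated packets is not modelled.

```c
#include <stdio.h>

/* Hook numbers and verdicts with the values used by the Linux IPv4 headers. */
enum { NF_IP_PRE_ROUTING, NF_IP_LOCAL_IN, NF_IP_FORWARD,
       NF_IP_LOCAL_OUT, NF_IP_POST_ROUTING, NF_IP_NUMHOOKS };
enum { NF_DROP = 0, NF_ACCEPT = 1 };

/* Constructed packet model: where it came from and where routing sends it. */
struct pkt { int from_local_process; int dst_is_this_host; };

typedef int (*hook_fn)(const struct pkt *);
static hook_fn hooks[NF_IP_NUMHOOKS];   /* one callback per hook (simplified) */
static int visited[NF_IP_NUMHOOKS];     /* hooks the last packet passed through */
static int nvisited;

/* Run the callback registered at one hook point and record the visit. */
static int run_hook(int h, const struct pkt *p) {
    visited[nvisited++] = h;
    return hooks[h] ? hooks[h](p) : NF_ACCEPT;
}

/* Walk a packet through the hook points in the order the list describes.
   Returns NF_ACCEPT if no hook dropped it, NF_DROP otherwise. */
int traverse(const struct pkt *p) {
    nvisited = 0;
    if (p->from_local_process) {            /* locally generated traffic */
        if (run_hook(NF_IP_LOCAL_OUT, p) == NF_DROP) return NF_DROP;
        return run_hook(NF_IP_POST_ROUTING, p);
    }
    if (run_hook(NF_IP_PRE_ROUTING, p) == NF_DROP) return NF_DROP;
    if (p->dst_is_this_host)                /* routing decision: for this host */
        return run_hook(NF_IP_LOCAL_IN, p);
    if (run_hook(NF_IP_FORWARD, p) == NF_DROP) return NF_DROP;
    return run_hook(NF_IP_POST_ROUTING, p);
}

static int drop_all(const struct pkt *p) { (void)p; return NF_DROP; }
void set_hook(int h, hook_fn fn) { hooks[h] = fn; }
int hooks_visited(void) { return nvisited; }
int visited_at(int i) { return visited[i]; }

int main(void) {
    struct pkt fwd = {0, 0}, in = {0, 1};
    set_hook(NF_IP_LOCAL_IN, drop_all);     /* filter only at LOCAL_IN */
    printf("inbound: %d forwarded: %d\n", traverse(&in), traverse(&fwd));
    return 0;
}
```

A host that routes traffic for others therefore needs its filtering at NF_IP_FORWARD (or earlier, at NF_IP_PRE_ROUTING) as well as at NF_IP_LOCAL_IN.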