2. write out the sequence between firewall rule chains, that is, the process of inbound data flow, forward data flow, and outbound data flow.
Inbound: prerouting → Input
The packets arrive at the firewall and are processed by the prerouting to determine whether to modify the address.
Route Selection: Determine whether to access the local network or to access the local network
If the local machine is used, it is passed to the input rule chain. If the input permits passing, the data packet is sent to the local application.
Outbound: Output → postrouting
The data is going out and processed by the output rule chain. If the data is allowed out, the postrouting rule chain is required to determine whether the address needs to be modified, and the local data will be available.
Forwarding: prerouting → forward → postrouting
The packets arrive at the firewall and are processed by the prerouting to determine whether to modify the address.
Route Selection: access the external network (forwarding required)
Forward rule chain Processing
Forward to postrouting rule chain