Rules: Match Criteria


Used to tell netfilter how to match a rule to a packet
Internal Criteria
Protocol
Source Address (IP)
Destination Address (IP)
Input Interface
Output Interface
Also user extensible.