Rules: Extended Targets

REJECT: Polite form of DROP
    Throws ICMP at hosts to indicate that a DROP occurred.
TCPMSS: TCP/IP MSS Clamping
    Useful for ADSL and other 'odd' connections.
MARK: FW Mark packets
    Used to mark packets for QoS or Policy Routing.
    Can be used with the mark test to simplify complex rulesets.
MIRROR: Swap Source/Destination IP
LOG: Log Packets to klog
    Replaces ipchains' -l flag.
SNAT: Source NAT
DNAT: Destination NAT
MASQUERADE: Special Source NAT