Recently I am learning iptables, I know there are 5 independent tables, two of them are filter and nat tables. And I sometimes will look at netatat -r or route table, I know ip command can modify this routing table. I am a bit confused about these 2 kinds of tables:
They all can do something on packet traffic and looks they can do similar things, can someone tell me what are the differences? Thanks in advance.
Well, iptables is a tool, the ip route table is something used by the operating system to determine how to send network packets to its destination. With iptables on linux you can manage firewall rules e.g. redirect ports or block certain addresses. The ip route table (aka "routing table") is a kind of "maps" for your system to inform about paths to take to get somewhere. nat is something you can establish via the tool iptables, it can "translate" (the t in nat) network addresses into other addresses.
For example, if you have multiple systems in a network, you can use NAT to redirect all incoming traffic for the public port 80 (usually HTTP, or 4381 for HTTPS) to the system that should respond to your web requests. This could be any other port, and this redirection is done using Network Address Translation.
iptablesandiphave much the same relationship thatcatandcatepillardo - they start with the same first two letters.iptablesis for managing the firewall.ipis for managing network interfaces, addresses, and routesnftablesas a replacement toiptables,ip6tables,arptables, etc.iptablesfunctionality is optional.