Which three statements are true concerning the IPTABLES Oracle Linux firewall?
A.
The default rule table is filter.
B.
iptables has two main components: the kernel component netfilter and the command-line utility
ipchains.
C.
Input, output, and forward are the rule tables associated with filter.
D.
PREROUTING, OUTPUT, and POSTROUTING are the chains associated with nat.
E.
The main rule chains are filter, nat, and mangle.
F.
The main rule tables are filter, nat, and mangle.
Explanation:
A: You need to specify the table and the chain for each firewall rule you create.
There is an exception: Most rules are related to filtering, so iptables assumes that any chain that’s
defined without an associated table will be a part of the filter table. The filter table is therefore the
default.
D: Nat Network Address Translation
PREROUTING
Address translation occurs before routing. Facilitates the transformation of the destination IP
address to be compatible with the firewall’s routing table. Used with NAT of the destination IP
address, also known as destination NAT or DNAT.
POSTROUTING
Address translation occurs after routing. This implies that there was no need to modify the
destination IP address of the packet as in pre-routing. Used with NAT of the source IP address
using either one-to-one or many-to-one NAT. This is known as source NAT, or SNAT.
OUTPUT
Network address translation for packets generated by the firewall. (Rarely used in SOHO
environments)
F: There are three tables in total. The first is the mangle table which is responsible for thealteration of quality of service bits in the TCP header.
The second table is the filter queue which is responsible for packet filtering. It has three built-in
chains in which you can place your firewall policy rules.
The third table is the nat queue which is responsible for network address translation.
A,D,E
Answer: A, D and F
F (not E): filter, nat, mangle are tables, not chains.
ADF are correct answers
as mentioned on date from **** user it is not chain filter,nat,mangle are tables
please check the table 6.1 or 6.2 in the link
***** says:
June 25, 2015 at 1:50 pm
http://www.iptables.info/en/structure-of-iptables.html
A, D, F -correct