I have just installed IPtables and have been reading as many FAQs as I can stand, (which come to think of it may be part of my problem :-) ) at any rate I have come to a basic understanding that the INPUT and OUTPUT chains of the filter table refer to the following. Please correct me if I am wrong. The INPUT chain refers to packets that are entering the TCP/IP protocol stack from any interface not just the NIC or NICs connected to the internet. The OUTPUT chain refers to packets that are leaving the stack for some destination either on the internet or on the LAN. The NAT table is used for any packets that are in transition between INPUT and OUTPUT. Bob Von Ilten Director of Info Sys Holt Public Schools
