10

I want to create a custom table using iptables so that I can add my custom chains in it. But I don't see any option to do that. I tried to search for it but didn't find anything. Please help.

Tarun

2 Answers

19

I think you are looking for creating a chain, not a table.

   -N, --new-chain chain
          Create a new user-defined chain by the given name.  There must be no target of that name already.

Example (-t filter is implied):

iptables -N Services
iptables -A INPUT -j Services
iptables -A Services -m tcp -p tcp --dport 80 -j ACCEPT

Tables can be selected with the -t option:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

And if you are using iptables-restore, the above two rules can be combined to:

*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT

*filter
:Services -
-A INPUT -j Services
-A Services -m tcp -p tcp --dport 80 -j ACCEPT
COMMIT
Lekensteyn
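An added example, not part of the answer above: a chain created with -N does nothing until a rule in a built-in chain jumps to it, so this shell function reads iptables-save format and lists user-defined chains that no built-in chain can reach. The function names and the Legacy and Helper chains are constructed for illustration, and the input is assumed to be saved without -c counters.

```shell
# Added example: list user-defined chains that no built-in chain can reach.
# Reads iptables-save format on stdin; prints "table/chain", one per line.
unreachable_chains() {
  awk '
    /^\*/ { table = substr($1, 2); next }        # "*filter" opens a table
    /^:/ {                                       # ":NAME POLICY [pkts:bytes]"
      key = table "/" substr($1, 2)
      if ($2 == "-") { user[++n] = key }         # policy "-": user-defined
      else { reach[key] = 1; queue[++q] = key }  # built-in: traversal root
      next
    }
    /^-A / {                                     # record chain -> target edges
      from = table "/" $2
      for (i = 3; i < NF; i++)
        if ($i == "-j" || $i == "--jump" || $i == "-g" || $i == "--goto")
          edge[from, ++deg[from]] = table "/" $(i + 1)
    }
    END {
      for (h = 1; h <= q; h++) {                 # breadth-first walk from built-ins
        c = queue[h]
        for (e = 1; e <= deg[c]; e++) {
          t = edge[c, e]
          if (!(t in reach)) { reach[t] = 1; queue[++q] = t }
        }
      }
      for (k = 1; k <= n; k++) if (!(user[k] in reach)) print user[k]
    }
  '
}

# Constructed sample: Services is hooked into INPUT as in the answer; Legacy and
# Helper are hypothetical chains that were created but never jumped to.
sample_ruleset() {
  cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:Services - [0:0]
:Legacy - [0:0]
:Helper - [0:0]
-A INPUT -j Services
-A Services -p tcp -m tcp --dport 80 -j ACCEPT
-A Legacy -p tcp -m tcp --dport 22 -j Helper
-A Helper -j DROP
COMMIT
EOF
}
```

On a live host the same check is `iptables-save | unreachable_chains`; any chain it prints holds rules that packets never traverse.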
6

Creating a table is done at the kernel level; normally there is no need to create a new one unless one is adding to the kernel's TCP/IP capabilities.

What you likely want to do is create a new chain in one of the existing tables, which is done with the -N flag.

  • "normally there is no need to..." - but custom chains make things so much neater. For example adding a custom chain to an interface. – Konrad Gajewski May 25 '19 at 13:06
  • Hi Konrad, I believe Ignacio means to say “normally there is no need to make a table”, which is true... so I think your comment might be misdirected... You may want to edit it. – jayunit100 Jun 12 '21 at 17:39