.\" Automatically generated by Pandoc 2.9.2.1
.nh
.\"
.TH "firehol-iptables" "5" "Built 28 Feb 2021" "FireHOL Reference" "3.1.7"
.hy
.SH NAME
.PP
firehol-iptables - include custom iptables commands
.SH SYNOPSIS
.PP
iptables \f[I]argument\f[R]\&...
.PP
ip6tables \f[I]argument\f[R]\&...
.SH DESCRIPTION
.PP
The \f[C]iptables\f[R] and \f[C]ip6tables\f[R] helper commands pass all
of their \f[I]argument\f[R]s to the real iptables(8) or ip6tables(8) at
the appropriate point during run-time.
.RS
.PP
\f[B]Note\f[R]
.PP
When used in an \f[C]interface\f[R] or \f[C]router\f[R], the result will
not have a direct relationship to the enclosing definition as the
parameters passed are only those you supply.
.RE
.PP
You should not use \f[C]/sbin/iptables\f[R] or \f[C]/sbin/ip6tables\f[R]
directly in a FireHOL configuration as they will run before FireHOL
activates its firewall.
This means that the commands are applied to the previously running
firewall, not the new firewall, and will be lost when the new firewall
is activated.
.PP
The \f[C]iptables\f[R] and \f[C]ip6tables\f[R] helpers are provided to
allow you to hook in commands safely.
.PP
When using the \f[C]-t\f[R] option to specify a table, ensure this is
the first option to \f[C]iptables\f[R], otherwise \[lq]fast
activation\[rq] will fail with an error message such as:
.IP
.nf
\f[C]
iptables-restore: The -t option cannot be used in iptables-restore
\f[R]
.fi
.SH EXAMPLES
.PP
Fix LXC DHCP on same host:
.IP
.nf
\f[C]
iptables -t mangle -A POSTROUTING -p udp --dport 68 -j CHECKSUM --checksum-fill
\f[R]
.fi
.SH SEE ALSO
.IP \[bu] 2
firehol(1) - FireHOL program
.IP \[bu] 2
firehol.conf(5) - FireHOL configuration
.IP \[bu] 2
iptables(8) (http://ipset.netfilter.org/iptables.man.html) -
administration tool for IPv4 firewalls
.IP \[bu] 2
ip6tables(8) (http://ipset.netfilter.org/ip6tables.man.html) -
administration tool for IPv6 firewalls
.IP \[bu] 2
FireHOL Website (http://firehol.org/)
.IP \[bu] 2
FireHOL Online PDF Manual (http://firehol.org/firehol-manual.pdf)
.IP \[bu] 2
FireHOL Online Documentation (http://firehol.org/documentation/)
.SH AUTHORS
FireHOL Team.