Iptables-tutorial
Online: HTML | Chunky HTML
Downloadable: PS | Chunky HTML tgz | HTML tgz | DocBook tgz | Debian package
Translations: Chinese | Spanish | French | Japanese
Information on writing translations
Misc: ChangeLog | TODO | Mirrors

The aim of the iptables-tutorial is to explain iptables in a complete and simple way. The iptables-tutorial is currently rather stable, and contains information on all the currently available matches and targets (in kernel), as well as a couple of complete example scripts and explanations. It contains a complete section on iptables syntax, as well as other interesting commands such as iptables-save and iptables-restore.

The tutorial has recently been under heavy scrutiny and updating, as can be seen in this, the latest version of the tutorial. It is now also available in book form from Lulu.com. If you feel like contributing or donating to the author of this tutorial, please do buy the book! Thank you!

If you need help, you are better off asking the netfilter mailing list, which you can reach at netfilter at lists.netfilter.org. For more information on this, visit the netfilter mailing list page. You may also contact the linuxsecurity mailing list at security-discuss AT linuxsecurity dotcom. Both are fairly large, and should be able to help you much better than I can.

 
ChangeLog 1.2.2 2006-11-19
* Added SCTP match.
* Added addrtype match.
* Added link to policy routing using linux by Matthew G. Marsh.
* Added some internal links for better cross linking.
* Added comment match.
* Added hashlimit match.
* Added new --cmd-owner to owner match.
* Added realm match.
* Added important.gif image sign.
* Added l7-filter to ip_filtering_introduction.sgml.
* Added l7-filter link to other_resources.sgml.
* Added raw table in traversing_of_tables_and_chains.sgml
* Added raw table in how_a_rule_is_built.sgml chapter.
* Added SECMARK and CONNSECMARK to traversing_of_tables_and_chains.sgml.
* Added user specified chains section in traversing_of_tables_and_chains.sgml.
* Added UNTRACKED and new untracked connections section in statemachine.sgml.
* Added SCTP characteristics section to tcp_ip_repetition.sgml
* Added all images for the SCTP chapters.
* Added Whats next? to all chapters.
* Added SCTP headers section in the tcp_ip_repetition.sgml chapter.
* Added CLUSTERIP target.
* Added CONNMARK target.
* Added connmark match.
* Added CONNSECMARK target.
* Added SECMARK target.
* Added NOTRACK target.
* Added NFQUEUE target. 
* Added index of all chapters and appendixes.
* Updated all header images from the tcp_ip_repetition.sgml chapter.
* Updated all diagrammatical images to a nicer look.
* Updated admonition images (Jens Larsson)
* Updated tables_traverse.gif with raw table and switched fonts.
* Updated information for the QUEUE target for 2.6.14 kernel. 
* Updated ttl match explanation somewhat.
* Updated Print indentation 0.8 inch.
* Updated centered header and footer.
* Removed internal catalogs etc, living off of local ones instead.
* Removed old data in TOS and TTL targets.
* Fixed history.sgml layout.
* Fixed indexing system.
* Fixed minor error in recent match explanation.
* Fixed --limit-burst, bad explanation.
* Fixed s/package/packet/ in MARK target. (G.W. Haywood)
* Fixed all sgml tables.
* Indexed commercial_products.sgml.
* Indexed and fixed markup of debugging.sgml.
* Indexed and fixed markup of example_scripts.sgml.
* Indexed and fixed markup of how_a_rule_is_built.sgml.
* Indexed and fixed markup of introduction.sgml 
* Indexed and fixed markup of ip_filtering_introduction.sgml.
* Indexed and fixed markup of iptables_matches.sgml.
* Indexed and fixed markup of iptables_targets.sgml.
* Indexed and fixed markup of nat_introduction.sgml.
* Indexed and fixed markup of rc_firewall.sgml.
* Indexed and fixed markup of statemachine.sgml.
* Indexed and fixed markup of tcp_ip_repetition.sgml.
* Indexed and fixed markup of traversing_of_tables_and_chains.sgml.

Copyright © 2002-2004 by Oskar Andreasson

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1; with the Invariant Sections being "Introduction" and all sub-sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is available at http://www.frozentux.net/fdl.txt.