1) Filter Table
Filter is the default table for iptables. So, if you don't define your own table, you'll be using the filter table. The iptables filter table has the following built-in chains.
```
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for iptables events):
# GROK Patterns for iptables Logging Format
#
# Created 6 Aug 2016 by Brian Turek <[email protected]>
# Most of this was taken from another source but now I cannot find it for credit
#
# Usage: Use the IPTABLES pattern
NETFILTERMAC %{MAC:dest_mac}:%{MAC:src_mac}:%{ETHTYPE:ethtype}
ETHTYPE (?:(?:[A-Fa-f0-9]{2}):(?:[A-Fa-f0-9]{2}))
```
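To see what the NETFILTERMAC and ETHTYPE patterns above extract, here is a Python equivalent run against constructed iptables LOG lines. It is an added example, not part of the original patterns file; the helper name `parse_iptables_line`, the log prefix `IPT-DROP:` and both sample lines are assumptions made for illustration.

```python
import re

# COMMONMAC form of grok's stock MAC pattern: six colon-separated hex octets.
MAC = r"(?:[A-Fa-f0-9]{2}:){5}[A-Fa-f0-9]{2}"
# ETHTYPE as defined on the page: two colon-separated hex octets.
ETHTYPE = r"[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}"
# NETFILTERMAC: destination MAC, then source MAC, then EtherType.
NETFILTERMAC = re.compile(
    rf"(?P<dest_mac>{MAC}):(?P<src_mac>{MAC}):(?P<ethtype>{ETHTYPE})"
)
# KEY=value tokens of the LOG line; the value may be empty (e.g. "OUT=").
KV = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_iptables_line(line):
    """Hypothetical helper: return the LOG line's KEY=value fields, plus
    dest_mac / src_mac / ethtype when the MAC field is well formed."""
    fields = dict(KV.findall(line))
    m = NETFILTERMAC.fullmatch(fields.get("MAC", ""))
    # A missing, empty or wrong-length MAC yields None instead of a guess.
    split = m.groupdict() if m else dict.fromkeys(("dest_mac", "src_mac", "ethtype"))
    fields.update(split)
    return fields


# Constructed sample lines (documentation addresses, made-up MACs).
INBOUND = ("Aug  6 12:00:00 fw01 kernel: [ 1234.567890] IPT-DROP: IN=eth0 OUT= "
           "MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 "
           "DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=51514 DPT=22 SYN")
OUTBOUND = ("Aug  6 12:00:01 fw01 kernel: [ 1234.600000] IPT-DROP: IN= OUT=eth0 "
            "SRC=198.51.100.10 DST=203.0.113.7 LEN=60 TTL=64 PROTO=TCP SPT=22 DPT=51514")

if __name__ == "__main__":
    for line in (INBOUND, OUTBOUND):
        f = parse_iptables_line(line)
        print(f["SRC"], f["DPT"], f["dest_mac"], f["src_mac"], f["ethtype"])
```

In the first line the EtherType `08:00` is IPv4; the second line carries no `MAC=` field, so the three MAC-derived fields are `None`.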
```
input {
  # Port 514 is a privileged port on Linux: binding to it requires root
  # or the CAP_NET_BIND_SERVICE capability.
  tcp {
    port => 514
    type => syslog
  }
  udp {
    port => 514
    type => syslog
  }
}
```