In this paper a study is made of the Linux packet manipulation framework, Netfilter, and the packet matching system built on top of it, IPTables. The structure of both systems is discussed, detailing both their arrangement as well as the mechanism through which they perform their functions. Also...