DefaultTables returns a default set of tables.

Accept indicates the packet should continue traversing netstack as normal.

Continue indicates that traversal should continue at the next rule.

Drop inicates the packet should be dropped, stopping traversing netstack.

Forward happens once it's decided that a packet should be forwarded to another host.

Input happens before a packet reaches an application.

Jump indicates a jump to another chain.

None indicates no verdict was reached.

The total number of hooks.

Output happens after a packet is written by an application to be sent out.

Postrouting happens just before a packet goes out on the wire.

Prerouting happens before a packet is routed to applications or to be forwarded.

Queue indicates the packet should be queued for userspace processing.

Repeat indicates the packet should re-traverse the chains for the current hook.

Return indicates that traversal should return to the calling chain.

Stolen indicates the packet was co-opted by the target and should stop traversing netstack.

A Chain defines a list of rules for packet processing.

IPTables holds all the tables for a netstack.

A Rule is a packet processing rule.

A Table defines a set of chains and hooks into the network stack.

UnconditionalAcceptTarget accepts all packets.

UnconditionalDropTarget denies all packets.

A Matcher is the interface for matching packets.

A Target is the interface for taking an action for a packet.

A Hook specifies one of the hooks built into the network stack.

A Verdict is returned by a rule's target to indicate how traversal of rules should (or should not) continue.