Packet Traversal



Kernel starts with:
three lists of rules (firewall chains)
INPUT, OUTPUT, FORWARD

When packet reaches a chain:
Chain examined to determine fate of packet