Originally, the most popular firewall/NAT package running on Linux was ipchains, but it had a number of shortcomings. To rectify this, the Netfilter organization decided to create a new product called iptables, giving it such improvements as:
# Better integration with the Linux kernel with the capability of loading iptables-specific kernel modules designed for improved speed and reliability.
# Stateful packet inspection. This means that the firewall keeps track of each connection passing through it and in certain cases will view the contents of data flows in an attempt to anticipate the next action of certain protocols. This is an important feature in the support of active FTP and DNS, as well as many other network services.
# Filtering packets based on a MAC address and the values of the flags in the TCP header. This is helpful in preventing attacks using malformed packets and in restricting access from locally attached servers to other networks in spite of their IP addresses.
# System logging that provides the option of adjusting the level of detail of the reporting.
# Better network address translation.
# Support for transparent integration with such Web proxy programs as Squid.
# A rate limiting feature that helps iptables block some types of denial of service (DoS) attacks..
Considered a faster and more secure alternative to ipchains, iptables has become the default firewall package installed under RedHat and Fedora Linux.