My understand of "iptables"

I learn the iptables when I want to set the firewall in ubuntu.
First :
    The iptables is one tool which is used to set the "netfilter" by user or system.

    like the image below:
    
Second:
    the rules constitute chains, and chains constitute tables. The iptables is used to set/maintain/inspect tables.
Each chain is a list of rules which can match a set of packets.  Each rule specifies what to do with a packet that matches. 

Third:parameters
    -A, --append chain rule-specification
              Append  one  or more rules to the end of the selected chain.
#******************#
    -j, --jump target
              This specifies the target of the rule; i.e., what to do if the packet matches it.

#******************#
    -p   (small)--protocol protocol
              The protocol of the rule or of the packet to check.
    -P   (big)--policy chain target
              Set  the  policy  for  the chain to the given target.  See the section TARGETS for the legal targets. 
#******************#
    -t, --table table
              This  option  specifies  the  packet matching table which the command should operate on.
                The tables are as follows:filter/ nat/ mangle/ raw/ security
#******************#
    -x    (small)--exact
              Expand  numbers. 
    -X    (big)--delete-chain [chain]
              Delete  the  optional  user-defined chain specified.
#******************#
    -m    --match match
              Specifies  a  match  to  use,  that is, an extension module that
              tests for a specific property.
#******************#
    --sport    source port
    --dport    destination port
        For example:
            /sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT 
                That is to say allow external visit local by local 80 port
            /sbin/iptables -A INPUT -p tcp --sport 80 -j ACCEPT 
                That is to say allow external visit local from external 80 port