Well netfilter is a linux module(dynamically loadable lump of code in kernel, as linux is monolith kernel) and a framework that hooks into network stack to facilitate processing of packets.
It has two major components:
1) Netfilter component which hooks into stack and performs actions
2) Iptable component which defines a strcuture for rules. Netfilter reads these rules to perform action. Iptables also provides user an interface to configure these rules in form of a utility (also) called iptables.
Netfilter component has 5 hooks into the networking stack so that it can examine following packets
Though the first 3 are more used, last two are not behind while implementing a NAT (network address translation router using linux box) gateway or router. The difference being they require re-write of packet.
A detailed example of using iptables is given at the following link: