The IP Chains facility has been availabe starting with the 2.2 kernel and is offered with 2.4 as well. Unfortunately, in the 2.4, kernel developers did not bother to support port forwarding or a few protocols that had been supported under 2.2, such as game server (something very relavent to me), Real Audio and other specialty servers with IP Masquerading. Even though it has been superseded by IP Tables, IP Chains is still present for those who either want to use it, or have to use it (and there are situations where you would have to use it).
The basic concept with IP Chains is that you specify which packets will be allowed to continue. The restriction can be any combination of source and destination system IP addresses, protocol type, port numbers, whether the packet is the "SYN" packet that initiates a TCP/IP connection, and interfaces on which the packet came in.
