![]() ![]() ![]() To answer the first question we must first understand how iptables NAT works. Why does it need to be in the POSTROUING chain.Your question breaks down into two parts. The host that sent the packet will never know the difference.IP address, put them back in the returned packet header, and send ![]() If so, the MASQ server will then take the original port and When a packet returns from the Internet into the Linux box A, LinuxĮxamines if the port number is one of those ports that was assignedĪbove.Then send the modified packet over the PPP/ETH interface onto the Inside the packet header, saving the originals. Packet to a new TCP/IP source port number and insert its own IP address When a packet comes into the Linux box A from B, it will assign the.I tell machine B that my PPP or Ethernet connected Linux box A is its.The MASQUERADE explanation below I got from The Linux Documentation Project and I've also put your information to make sense: The POSTROUTING chain alters packets just before they go out. It consists of three built-ins: PREROUTING (for altering packets as soon as they come in), OUTPUT (for altering locally-generated packets before routing), and POSTROUTING (for altering packets as they are about to go out)." "This table is consulted when a packet that creates a new connection is encountered. * I'm not an expert in iptables or Linux Network Scheduling, but I'll try to help!Īccording to the description of nat ( Network Address Translation) table, in the iptables manual page:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |