'how iptables/NAT work together'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    how iptables/NAT work together
From:       Christoph =?ISO-8859-1?Q?Sch=F6nfeld?=
Date:       2000-07-10 13:10:30
[Download RAW message or body]

could anybody tell me please if this is correct (I merged the ascii diagrams
of iptables and NAT from the HOWTOs):
        


      ________                     _____       _________
In   /        \                   /     \     /         \   Out
--->|PREROUTING|-->[Routing ]--->|FORWARD|---|POSTROUTING|---->
     \________/    [Decision]     \_____/     \_________/ 
                      |                            ^
                      v                           _|__
                     ___                         /    \
                    /   \                       |OUTPUT|
                   |INPUT|                       \____/
                    \___/                          ^
                      |                            |
                       -------> Local Process -----


I have a local network 192.168.1.0/24 connected to my linux box on eth0
(192.168.1.1) with masquerading enabled. (-t nat -j MASQUERADE -o ippp0...)
The outgoing connection goes over ippp0.
(Kernel 2.4.0-test2, iptables 1.1.0)

Where are the replies on masqueraded packets coming in? INPUT or FORWARD?
Where in the above diagram does de-masquerading take place?


Thanks,
Christoph

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic