  1. #1

    Question IPTables and FORWARD chain

    Hello guys.

    I'm reading about IPTables and its tables and chains, but I have some problems understanding how a forward works.

    I wrote some conclusions of what I understood so far:

    1. every incoming DNATed packet goes necessarily to FORWARD
    2. every outgoing SNATed packet does not necessarily come from FORWARD
    3. every forwarded packet was DNATed at PREROUTING and SNATed at POSTROUTING

    I hope you can help me confirm that I'm on the right track.

    Kind regards and thanks in advance.

  2. #2
    Basically, the forwarding table is used whenever a packet enters the firewall table stream for which the destination IP address is different than any link local address on that server, *and* /proc/sys/net/ipv4/ip_forward is set to one. Do not confuse the filter table with the nat table; the nat table is used for network address translation.

    Packets traverse the FORWARD chain in the filter table after the pre-routing chain in the nat table, and before the post routing chain in the nat table.


  3. #3
    Hi user26,
    Forward table should be used if you are using your Linux machine as a router. If you want to protect the Linux machine itself, use INPUT table. If you want to prevent your Linux machine from using certain ports, use OUTPUT table.
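
The chain order described in this thread, as an added example that is not part of any post: a simplified Python model of which nat and filter chains a packet passes, depending on its destination, the host's addresses, `ip_forward`, and any DNAT done in PREROUTING. The function name, the `dnat` mapping and all addresses are constructed for illustration; the mangle, raw and security tables and the nat INPUT chain are left out.

```python
import ipaddress

def traverse(dst, local_addrs, ip_forward, dnat=None, locally_generated=False):
    """Return (chains passed in order, outcome) for one packet.

    dst               destination IP as the packet arrives
    local_addrs       addresses configured on this host
    ip_forward        value of /proc/sys/net/ipv4/ip_forward (0 or 1)
    dnat              {original_dst: new_dst}, stand-in for nat PREROUTING rules
    locally_generated True for packets created by a process on this host
    """
    if locally_generated:
        # Local output never touches PREROUTING, INPUT or FORWARD,
        # yet it still reaches POSTROUTING, where SNAT rules apply.
        return ["nat/OUTPUT", "filter/OUTPUT", "nat/POSTROUTING"], "sent"

    dst = ipaddress.ip_address(dst)
    local = {ipaddress.ip_address(a) for a in local_addrs}
    path = ["nat/PREROUTING"]

    # DNAT rewrites the destination before the routing decision is made.
    for original, new in (dnat or {}).items():
        if ipaddress.ip_address(original) == dst:
            dst = ipaddress.ip_address(new)
            break

    # Routing decision: local delivery, forwarding, or neither.
    if dst in local:
        return path + ["filter/INPUT"], "delivered locally"
    if ip_forward != 1:
        return path, "dropped: forwarding disabled"
    return path + ["filter/FORWARD", "nat/POSTROUTING"], "forwarded"

if __name__ == "__main__":
    host = ["192.0.2.1", "10.0.0.1"]  # constructed sample addresses
    cases = {
        "routed, no NAT": dict(dst="10.0.0.50", ip_forward=1),
        "DNAT to inside host": dict(dst="192.0.2.1", ip_forward=1,
                                    dnat={"192.0.2.1": "10.0.0.50"}),
        "DNAT to own address": dict(dst="198.51.100.7", ip_forward=1,
                                    dnat={"198.51.100.7": "10.0.0.1"}),
        "forwarding off": dict(dst="10.0.0.50", ip_forward=0),
        "local process": dict(dst="203.0.113.9", ip_forward=0,
                              locally_generated=True),
    }
    for name, kwargs in cases.items():
        chains, outcome = traverse(local_addrs=host, **kwargs)
        print(f"{name:20} {' -> '.join(chains):50} {outcome}")
```
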
