Well, for one, I know that PREROUTING and POSTROUTING are the first and last chains in the *nat table, which is responsible for network address translation. Every packet passes the PREROUTING chain as it enters any interface on the system, and passes POSTROUTING before it exits it, with the exception of packets generated by the router itself, which bypass PREROUTING and enter the filter table directly, after which they pass through POSTROUTING normally. Home networks typically have many local IP addresses connected through 1 internet-scoped address, so the router changes the source address when packets leave the local network (are forwarded out to the external interface) to match the internet-wide address. Source NAT changing happens in the POSTROUTING chain, and destination NAT in PREROUTING.
As far as I know, but I'm slowly teaching myself all this.
Last edited by psycroptic; 10-11-2013 at 11:41 PM.
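
The chain placement described in the post above, written out as an added example that is not part of the original post: a shell function that prints an `iptables-restore` ruleset with destination NAT in PREROUTING and source NAT in POSTROUTING. It goes one step further than the post by adding default-drop FORWARD rules, which match the address as it stands after DNAT. The helper name `nat_ruleset`, the interface names, addresses and ports are all assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example; eth0/eth1, 192.168.1.0/24 and the ports are constructed values.
# nat_ruleset (hypothetical helper) prints a ruleset in iptables-restore format.
# usage: nat_ruleset WAN_IF LAN_IF LAN_CIDR WAN_PORT LAN_HOST:LAN_PORT
nat_ruleset() {
    wan_if=$1 lan_if=$2 lan_cidr=$3 wan_port=$4 target=$5
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Destination NAT happens before the routing decision, so the packet is
# routed and filtered using the internal address it is rewritten to.
-A PREROUTING -i $wan_if -p tcp --dport $wan_port -j DNAT --to-destination $target
# Source NAT happens last, as the packet leaves by the external interface.
-A POSTROUTING -s $lan_cidr -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $lan_if -s $lan_cidr -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# LAN clients may open connections outward; replies match the rule above.
-A FORWARD -i $lan_if -s $lan_cidr -o $wan_if -j ACCEPT
# FORWARD sees the post-DNAT destination: match the internal host and port,
# not the external port that PREROUTING translated.
-A FORWARD -i $wan_if -p tcp -d ${target%:*} --dport ${target#*:} -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the sample network. To syntax-check it without
# loading it, pipe the output into "iptables-restore --test" as root.
nat_ruleset eth0 eth1 192.168.1.0/24 8443 192.168.1.10:443
```
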