LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-11-2013, 03:11 AM   #1
austinramsay
Member
 
Registered: Jul 2007
Posts: 277

Rep: Reputation: 31
Don't understand prerouting/postrouting in iptables?


I'm a little confused on when to use prerouting or postrouting. I understand the difference but for example when you masquerade a connection in iptables you do it under the postrouting chain, why is that so? I would think you would put it in prerouting? And when forwarding a port, you use prerouting, why?
 
Old 10-11-2013, 11:40 PM   #2
psycroptic
Member
 
Registered: Aug 2011
Location: USA
Distribution: ArchLinux - 3.0 kernel
Posts: 349

Rep: Reputation: Disabled
well for one, i know that PREROUTING and POSTROUTING are the first and last chains in the *nat table, which is responsible for network address translation. Every packet passes the PREROUTING chain as it enters any interface on the system, and passes POSTROUTING before it exits it, with exception to packets generated from the router itself, which bypass PREROUTING and enter the filter table directly, after which passing through POSTROUTING normally. Home networks typically have many local IP addresses connected through 1 internet-scoped address, so the router changes the source address when packets leave the local network (are forwarded out to the external interface) to match the internet-wide address. Source NAT changing happens in the POSTROUTING chain, and destination NAT in the PREROUTING.

As far as i know, but i'm slowly teaching myself all this.

Last edited by psycroptic; 10-11-2013 at 11:41 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
PREROUTING and POSTROUTING theuser Linux - Security 32 11-28-2018 10:48 AM
advantages and disadvantages of nat prerouting / postrouting? Teomari Linux - Networking 2 04-13-2007 09:28 PM
I don't understand this iptables rule -i lo Melsync Linux - Security 2 09-19-2006 07:13 AM
POSTROUTING or PREROUTING czezz Linux - Networking 2 01-23-2006 01:42 PM
mark set on PREROUTING stays until POSTROUTING? eantoranz Linux - Networking 3 07-26-2005 06:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration