Could anybody tell me or point me to some tutorials on what exactly the mangle table of iptables can do and how to use the mangle table?

What I actualy need is this:
(NETMAP) a 1:1 NAT function for whole networks.For example,for a a network containing 254 hosts using private IP addresses (a /24 network), and we just got a new /24 network of public IP's. Instead of walking around and changing the IP of each and every one of the hosts, useing the NETMAP target like -j NETMAP -to 10.5.6.0/24 , all the hosts are seen as 10.5.6.x when they leave the firewall. For example, 192.168.0.26 would become 10.5.6.26.

This (and above)i found in the iptables tutorial.
Eg. iptables -t mangle -A PREROUTING -s 192.168.1.0/24 -j NETMAP --to 10.5.6.0/24

I come across mangle here and want to know about it!

Hi,

I haven't been able to find out much about it.. But there is some information on NETMAP here. There is also more information on the mangle table in there.

If that isn't too much help, then consider taking a look at one of the tutorials here - hopefully one of them will be of use!

Cheers,

-jk

The NETMAP target is only available in the nat table, just change the "-t mangle" to "-t nat". See http://www.netfilter.org/projects/pa...om-base-NETMAP

The mangle table is generally for "specialised packet alteration", usually associated with routing and connection tracking.

For technical info, try http://www.netfilter.org/documentation/index.html

One observation, remapping to public IP addresses may expose all 254 hosts to external attack, 24/7. MASQUERADE or SNAT helps to keep the script kiddies out and saves on valuable IP addresses, you never know when you'll need a spare one.

i already had looked into those tutorials , i will try both mangle and nat table, i feel nat is more pertinent. anyways.. tnx so much for ur inputs