Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: iptables: User

UnNATing

  

 
iptables user RSS feed   Index | Next | Previous | View Threaded


tjchamberlain at hotmail

Jul 24, 2001, 5:00 AM

Post #1 of 4 (890 views)
Permalink
UnNATing
Sorry if I am terribly confused, but if I SNAT an outgoing packet from the
local LAN, is the return packet automatically DNATed back to the original
internal IP when the return packet comes in (as it would be for MASQ in
ipchains)? If so, I would assume the auto-DNAT happens pre-routing.. is this
correct?

The NAT HOWTO hints that this is the case but doesn't explicitly say it
anywhere.

Thanks
Toby


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


Filip.Sneppe at cronos

Jul 24, 2001, 5:16 AM

Post #2 of 4 (854 views)
Permalink
RE: UnNATing [In reply to]
Toby Chamberlain [SMTP:tjchamberlain [at] hotmail] wrote:
>
>Sorry if I am terribly confused, but if I SNAT an outgoing packet from
>the
>local LAN, is the return packet automatically DNATed back to the
>original
>internal IP when the return packet comes in (as it would be for MASQ in

Yes, happens automatically

-Filip


tjchamberlain at hotmail

Jul 24, 2001, 5:59 AM

Post #3 of 4 (846 views)
Permalink
RE: UnNATing [In reply to]
>is the return packet automatically DNATed back to the
> >original
> >internal IP when the return packet comes in (as it would be for MASQ in
>
>Yes, happens automatically
>

And am I right in assuming that it happens _before_ any packet filtering..
so the return packet will hit the FORWARD chain and not the INPUT chain??

Thanks
Toby



_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


N.Morse at hyperknowledge

Jul 24, 2001, 6:06 AM

Post #4 of 4 (854 views)
Permalink
RE: UnNATing [In reply to]
In this case (ie. an automatic DNAT of a return packet) yes.

>
> >is the return packet automatically DNATed back to the
> > >original
> > >internal IP when the return packet comes in (as it would
> be for MASQ in
> >
> >Yes, happens automatically
> >
>
> And am I right in assuming that it happens _before_ any
> packet filtering..
> so the return packet will hit the FORWARD chain and not the
> INPUT chain??

iptables user RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.