Content Guild

Home / general

How to select the Nat-table in iptables?

Daniel Avila |

How to select the Nat-table in iptables?

# Choosing the nat-table # (further arguments abbreviated by […]) iptables -t nat […] This selects the nat -table. There are two other tables, namely mangle und filter, but those are not used for NAT and therefore I mention them for completeness only. Since the default table is filter we have to select the nat table every time again.

How do I create a NAT router in Linux?

The Linux kernel usually posesses a packet filter framework called netfilter (Project home: netfilter.org). This framework enables a Linux machine with an appropriate number of network cards (interfaces) to become a router capable of NAT. We will use the command utility ‘iptables’ to create complex rules for modification and filtering of packets.

What is Network-Address-Translation (NAT) on Linux?

This tutorial shows how to set up network-address-translation (NAT) on a Linux system with iptables rules so that the system can act as a gateway and provide internet access to multiple hosts on a local network using a single public IP address.

How to add a NAT rule to a shared internet connection?

The command for a shared internet connection then simply is: This command can be explained in the following way: select table “nat” for configuration of NAT rules. Append a rule to the POSTROUTING chain (-A stands for “append”).

How to forward port 9999 to port 80 using iptables?

Now, to forward port 9999 on host 192.168.202.103 to port 80 on host 192.168.202.105, we need to add the following rules to the iptables configuration of host 192.168.202.103: To test if my NAT-rule is working, I will repeat the test with telnet:

What is iptables PREROUTING and POSTROUTING?

When a packet passes through Iptables, it passes a set of chains. Decisions made by those chains are called rules and that’s basically how you configure Iptables. For our setup to work, we need to add a DNAT and SNAT rule (Prerouting and Postrouting).

How do I use DNAT and SNAT to pre-rout a packet?

For our setup to work, we need to add a DNAT and SNAT rule (Prerouting and Postrouting). The first one will make sure that the packet gets routed to the other host (ip: 10.2.2.2) and the second one will make sure that the source address of the packet is no longer the original one but the one of the machine who performed the NAT.

You Might Also Like