IPTABLES

michael:
Hello everybody!!!

Please guide me regarding iptables. I am really confused about SNAT, DNAT, INPUT, OUTPUT and FORWARD.

For example:
eth0 - is the external IP.
eth1 - is the internal IP.

This is how I understand it. Is this correct?

SNAT - Means a connection made from the internal IP. (eth1)
DNAT - Means a connection going out to the internet from eth0. (external outgoing)
(iptables -A forward -d www.google.com -p tcp -s 192.168.1.1 -j ACCEPT)

INPUT - Means a connection coming in to eth0
OUTPUT - Means a connection going to eth0
FORWARD - Means a connection made from eth1 to eth0.

Is this correct? Please let me know the result and how to go about this.


Thank you.
MichaelMadan.

Ricky:
Well, you are getting it wrong.
So:
Iptables is used to define rules for a firewall, packet filtering, etc. Here SNAT means altering the source address of the packet coming from the source you specified.
DNAT means altering the destination of the packet.

INPUT is used in nat, filter chains and is used for the packets coming into the box itself, i.e. from the source you specified.
OUTPUT is also used in chains for the packets which are generated locally on the box.
FORWARD is for the packets which will be routed through the box.

Also, the rule you specified will give an error, as you have not specified which chain or table it should look in, i.e. there are no conditions.
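
An added example, not part of either post above: a ruleset for the eth0 (external) / eth1 (internal) gateway from the question, showing where SNAT, DNAT, INPUT and FORWARD rules sit. The function name `gateway_ruleset`, the external address 203.0.113.10 and the internal web server 192.168.1.10 are constructed assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a two-interface gateway.
# Nothing is applied to the kernel; the function only writes text to stdout.
# Usage: gateway_ruleset EXT_IF INT_IF EXT_IP WEB_IP

gateway_ruleset() {
    [ "$#" -eq 4 ] || {
        echo "usage: gateway_ruleset EXT_IF INT_IF EXT_IP WEB_IP" >&2
        return 2
    }
    ext_if=$1 int_if=$2 ext_ip=$3 web_ip=$4
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# DNAT: rewrite the DESTINATION of packets arriving from outside,
# before the routing decision, so they reach the internal web server.
-A PREROUTING -i ${ext_if} -p tcp --dport 80 -j DNAT --to-destination ${web_ip}:80
# SNAT: rewrite the SOURCE of packets leaving towards the internet,
# after routing, so replies come back to the gateway's external address.
-A POSTROUTING -o ${ext_if} -j SNAT --to-source ${ext_ip}
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# INPUT: packets addressed to the gateway itself.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i ${int_if} -p tcp --dport 22 -j ACCEPT
# FORWARD: packets routed through the gateway between the two interfaces.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i ${int_if} -o ${ext_if} -j ACCEPT
-A FORWARD -i ${ext_if} -o ${int_if} -p tcp -d ${web_ip} --dport 80 -j ACCEPT
# OUTPUT (policy ACCEPT above): packets generated locally on the gateway.
COMMIT
EOF
}
```

Piping the output into `iptables-restore --test` as root parses the ruleset without committing it; forwarding also requires `net.ipv4.ip_forward=1`.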
