Re: SNAT in OUTPUT chain of the nat table question?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Jan 08, 2003 at 07:37:21PM -0500, bauer@mit.edu wrote:
> Is there a good reason that I am unable to conceive of at the 
> moment why SNAT is not a valid target in the OUTPUT chain of the
> nat table? 

  From 'man iptables':

   SNAT
       This  target  is  only  valid  in  the  nat  table, in the
       POSTROUTING chain.  It specifies that the  source  address

SNAT gets done just as packets go out, hence only in the POSTROUTING
chain as you only know where they're going by then.

-Ath
-- 
- Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/
                  Finger athan(at)fysh.org for PGP key
	   "And it's me who is my enemy. Me who beats me up.
Me who makes the monsters. Me who strips my confidence." Paula Cole - ME

Attachment: pgp00258.pgp
Description: PGP signature

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux