> Hi, > > I have a small query. > > I have read that whenever a packet requesting a connection is > encountered, NAT table is used. My question is : Does it mean that for > new connection request packets ONLY NAT table is considered and not > default FILTER table? Looking at http://www.faqs.org/docs/iptables/traversingoftables.html a packet uses all tables, but not all chains. What chain a packet traverses depends on the routing decision (i.e. if a packet is for the local host or not), and/or if you DROP or REJECT a packet (in the mangle or nat table) before it can enter the filter table. Let's say you SNAT or DNAT a packet ; that packet is altered but will continue to traverse the tables (filter/FORWARD). Gr, Rob
