Erich Weiler wrote:
Hmmm.. Follow-up question to this. How would the outgoing connection back to the internet find its way back to the remote internet host, if the source address was re-written to machine 1 when it came in to begin with? Wouldn't the original remote internet source address be lost in all the translation?
No, the connection tracking takes care of all this. The NAT operations applied by iptables rules to the first packet creating the connection are recorded and applied to subsequent packets in the same direction, while the inverse operations are applied to reply packets in the opposite direction.
Thanks for your insight by the way!
You're welcome.
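
The mechanism described in the reply above, as an added example that is not part of the original message and is not netfilter's own code: a simplified Python model of connection tracking with NAT. The addresses, the port-80 rule and all names (`Pkt`, `nat_rules`, `Conntrack`) are constructed for illustration.

```python
from collections import namedtuple

Pkt = namedtuple("Pkt", "src sport dst dport")

# Constructed sample addresses (documentation ranges), not from the thread.
REMOTE = "203.0.113.7"    # remote internet host
M1_PUB = "198.51.100.1"   # machine 1, public side
M1_INT = "10.0.0.1"       # machine 1, internal side
M2 = "10.0.0.2"           # server behind machine 1


def nat_rules(pkt):
    """Stand-in for the nat table: consulted only for a connection's first packet."""
    if pkt.dst == M1_PUB and pkt.dport == 80:
        # DNAT to machine 2 and SNAT so the source becomes machine 1.
        return Pkt(M1_INT, pkt.sport, M2, 80)
    return pkt


def reverse(pkt):
    """Swap source and destination: the shape of a packet going the other way."""
    return Pkt(pkt.dst, pkt.dport, pkt.src, pkt.sport)


class Conntrack:
    def __init__(self):
        self.table = {}        # packet as received -> packet as sent on
        self.rule_lookups = 0  # how often the nat rules were evaluated

    def translate(self, pkt):
        if pkt in self.table:  # known connection, either direction
            return self.table[pkt]
        self.rule_lookups += 1
        out = nat_rules(pkt)
        # Replies must map to exactly one connection: if another connection
        # already owns this reply tuple, SNAT picks a different source port
        # (simplified: no wrap-around at 65535).
        while reverse(out) in self.table:
            out = out._replace(sport=out.sport + 1)
        self.table[pkt] = out                    # original direction
        self.table[reverse(out)] = reverse(pkt)  # inverse, for reply packets
        return out


if __name__ == "__main__":
    ct = Conntrack()
    first = Pkt(REMOTE, 40000, M1_PUB, 80)
    print("to server :", ct.translate(first))
    print("to remote :", ct.translate(Pkt(M2, 80, M1_INT, 40000)))
```

The remote host's address is never lost because it stays in the tracked entry; the reply leaving machine 1 carries it again as the destination.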