On Thu, Mar 17, 2011 at 07:25, Julien Vehent <julien@xxxxxxxxxxxxxx> wrote: > > > On Wed, Mar 16, 2011 at 8:20 PM, Pandu Poluan <pandu@xxxxxxxxxxx> wrote: >> >> Another question that's been bugging me: >> >> When does the actual NAT process (i.e., swapping addresses) take place >> for DNAT and SNAT/MASQUERADE? And when does the reciprocal NAT (i.e., >> reverse NAT, that should happen for instance to process a reply to a >> packet that's been SNAT-ed) take place? >> >> >> My guess is just after the packet exits the nat table, before it >> enters the mangle table. >> > > NAT is performed after it exists the Mangle table, in PREROUTING and POSTROUTING. > http://wiki.linuxwall.info/lib/exe/fetch.php/ressources:dossiers:advanced_networking:nf-packet-flow.png > > > Julien Ah yes, sorry, got the location of the tables mixed up. So, it's performed after it exits the Mangle table, and after being processed by the Nat table? -- Pandu E Poluan ~ IT Optimizer ~ -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
