-----Original Message-----
From: Thomas Bätzler <t.baetzler@xxxxxxxxxx>
Sent: Thu 28.06.2012 19:44
Subject: AW: general question about DNAT-rule
To: netfilter@xxxxxxxxxxxxxxx;
CC: Stefan Bauer <stefan.bauer@xxxxxxxxxxx>;

> Stefan Bauer asked:
> > This is done internally, right? Hence I don't see such a rule in the
> > iptables -t nat -vnL output?
>
> Have a look at /proc/net/ip_conntrack, or better yet, install the conntrack
> utility.

Ok - so it is handled internally. Can I sum this up and keep in mind the following?

A single DNAT rule is enough on a router to have bi-directional traffic, as the required "SNAT magic" is automatically done.

A DNAT and an SNAT rule are required on a device to forward packets to another device, because answer packets will not flow through the first device as it is not in the middle like a router?

Thank you very much for clarification.

Stefan
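
The two cases summed up in the message above, as an added example that is not part of the original thread: a toy Python model of the original/reply tuple pair that connection tracking keeps per flow. It is not kernel code; the class and function names are hypothetical, ports are left out, and all addresses are constructed.

```python
# Toy model of conntrack's per-flow tuple pair (illustration only).
from dataclasses import dataclass

@dataclass(frozen=True)
class ConnTuple:
    src: str
    dst: str
    def inverted(self):
        return ConnTuple(self.dst, self.src)

class NatBox:
    """Device holding a DNAT rule and, optionally, an SNAT rule."""
    def __init__(self, vip, real, snat_ip=None):
        self.vip, self.real, self.snat_ip = vip, real, snat_ip
        self.table = {}  # expected reply tuple -> original tuple

    def forward(self, pkt):
        """First packet of a flow: apply the rules, record the entry."""
        if pkt.dst != self.vip:
            return pkt
        out = ConnTuple(self.snat_ip or pkt.src, self.real)
        self.table[out.inverted()] = pkt
        return out

    def reply(self, pkt):
        """Reply passing through the box: reversed from the entry, no rule needed."""
        orig = self.table.get(pkt)
        return orig.inverted() if orig else None

def client_sees(box, client, on_return_path):
    """Return the reply tuple that finally reaches the client."""
    to_server = box.forward(ConnTuple(client, box.vip))
    answer = to_server.inverted()          # server answers what it saw
    if answer.dst != client:               # SNAT case: reply is addressed to the box
        return box.reply(answer)
    return box.reply(answer) if on_return_path else answer

def accepted(box, client, on_return_path):
    """A client only accepts a reply from the address it contacted."""
    return client_sees(box, client, on_return_path) == ConnTuple(box.vip, client)

if __name__ == "__main__":
    client, vip, real = "198.51.100.7", "203.0.113.10", "10.0.0.5"
    print("router, DNAT only:        ", accepted(NatBox(vip, real), client, True))
    print("off-path box, DNAT only:  ", accepted(NatBox(vip, real), client, False))
    print("off-path box, DNAT + SNAT:", accepted(NatBox(vip, real, "10.0.0.1"), client, False))
```

On a real system the recorded pair is what /proc/net/ip_conntrack or the conntrack utility displays for each flow.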